cve,vendor_name,epss,severity_score,exploit_poc_availability,vuln_prod_hw,vuln_prod_app,vuln_prod_os,vulnerability_type,cve_published_date,patch_availability,patch_release_date,advice_availability,advice_release_date,patch_timeliness,description,cvss_vector,attack_vector,attack_complexity,privileges_required,user_interaction,scope,confidentiality_impact,integrity_impact,availability_impact,base_severity,exploitability_score,impact_score,weaknesses,cpe,total_exploits,verified_exploits
CVE-2016-0002,Microsoft,0.79612,7.5,0.0,0.0,1.0,0.0,1,2016-01-13,1.0,2016-02-19,,,0.0,"The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka ""Scripting Engine Memory Corruption Vulnerability.""",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-119'],,0,0
CVE-2016-0003,Microsoft,0.95183,9.6,0.0,0.0,1.0,0.0,1,2016-01-13,1.0,2015-12-08,,,1.0,"Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka ""Microsoft Edge Memory Corruption Vulnerability.""",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-119'],['cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*'],0,0
CVE-2016-4447,Microsoft,0.0016,7.5,0.0,0.0,0.0,1.0,1,2016-06-09,0.0,,0.0,,,"The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*']",0,0
CVE-2016-4448,Microsoft,0.01018,9.8,0.0,0.0,0.0,1.0,1,2016-06-09,0.0,,0.0,,,Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-134'],"['cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*', 'cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*']",0,0
CVE-2016-6914,Microsoft,0.00062,7.8,1.0,0.0,0.0,1.0,1,2017-12-27,0.0,,0.0,,,"Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-276'],"['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*']",1,0
CVE-2016-7225,Microsoft,0.00046,6.1,1.0,0.0,0.0,1.0,1,2016-11-10,1.0,2016-10-31,,,1.0,"Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka ""VHD Driver Elevation of Privilege Vulnerability.""",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,HIGH,NONE,MEDIUM,1.8,4.2,['CWE-284'],"['cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*']",1,1
CVE-2016-7081,Microsoft,0.00135,7.8,0.0,0.0,0.0,1.0,0,2016-12-29,0.0,,0.0,,,"Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.",CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.1,6.0,['CWE-119'],"['cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*']",0,0
CVE-2017-0064,Microsoft,0.00232,6.5,0.0,0.0,1.0,0.0,0,2017-05-12,1.0,2017-05-09,,,1.0,"A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka ""Internet Explorer Security Feature Bypass Vulnerability.""",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*']",0,0
CVE-2018-17653,Microsoft,0.01175,8.8,0.0,0.0,0.0,1.0,0,2019-01-24,0.0,,0.0,,,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6503.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:foxitsoftware:reader:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18098,Microsoft,0.00044,7.3,0.0,0.0,0.0,1.0,0,2019-01-10,0.0,,0.0,,,Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-732'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:sgx_platform_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:sgx_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2018-21026,Microsoft,0.00273,7.5,0.0,0.0,0.0,1.0,0,2019-11-12,0.0,,0.0,,,A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:device_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:tiered_storage_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:replication_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:tuning_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:compute_systems_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2018-7250,Microsoft,0.00069,5.5,0.0,0.0,0.0,1.0,0,2018-02-26,0.0,,0.0,,,"An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tivo:safedisc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8239,Microsoft,0.00604,5.5,0.0,0.0,0.0,1.0,0,2018-06-14,1.0,2018-06-12,,,1.0,"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ""Windows GDI Information Disclosure Vulnerability."" This affects Windows Server 2016, Windows 10, Windows 10 Servers.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*']",0,0
CVE-2018-8447,Microsoft,0.13667,7.5,0.0,0.0,1.0,1.0,0,2018-09-13,1.0,2018-09-11,,,1.0,"A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka ""Internet Explorer Memory Corruption Vulnerability."" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8461.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-787'],"['cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*']",0,0
CVE-2018-8513,Microsoft,0.08351,7.5,0.0,0.0,1.0,1.0,0,2018-10-10,1.0,2018-10-09,,,1.0,"A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ""Chakra Scripting Engine Memory Corruption Vulnerability."" This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8511.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-787'],"['cpe:2.3:a:microsoft:chakracore:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8653,Microsoft,0.02264,7.5,0.0,0.0,1.0,1.0,0,2018-12-20,1.0,2018-12-19,,,1.0,"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ""Scripting Engine Memory Corruption Vulnerability."" This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8643.",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-787'],"['cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:pro_n:*:*:*', 'cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*']",0,0
CVE-2019-1351,Microsoft,0.00255,7.5,0.0,0.0,1.0,0.0,0,2020-01-24,1.0,2019-12-10,,,1.0,"A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-706'],"['cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*']",0,0
CVE-2019-4057,Microsoft,0.00044,6.7,0.0,0.0,0.0,1.0,0,2019-07-01,0.0,,0.0,,,"IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow malicious user with access to the DB2 instance account to leverage a fenced execution process to execute arbitrary code as root. IBM X-Force ID: 156567.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:ibm:db2:9.7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.6:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.8:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.9:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.10:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.4.4:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2019-4738,Microsoft,0.00057,6.5,0.0,0.0,0.0,1.0,0,2020-12-10,1.0,2020-07-22,,,1.0,IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-312'],"['cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*', 'cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:standard:*:*:*', 'cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:standard:*:*:*']",0,0
CVE-2019-6748,Microsoft,0.0027,7.8,0.0,0.0,0.0,1.0,0,2019-06-03,0.0,,0.0,,,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of EZI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7637.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:foxitsoftware:foxit_studio_photo:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7069,Microsoft,0.00566,8.8,0.0,0.0,0.0,1.0,0,2019-05-24,0.0,,0.0,,,"Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7814,Microsoft,0.05642,8.8,0.0,0.0,0.0,1.0,0,2019-05-22,0.0,,0.0,,,"Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2019-8002,Microsoft,0.00239,7.5,0.0,0.0,0.0,1.0,0,2019-08-20,0.0,,0.0,,,"Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2019-8021,Microsoft,0.00239,7.5,0.0,0.0,0.0,1.0,0,2019-08-20,0.0,,0.0,,,"Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*', 'cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-0664,Microsoft,0.00869,6.5,0.0,0.0,0.0,1.0,0,2020-09-11,1.0,2020-09-08,,,1.0,"<p>An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.</p>
<p>To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.</p>
<p>The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.</p>
",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*', 'cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1327,Microsoft,0.00123,6.1,0.0,0.0,0.0,1.0,0,2020-06-09,1.0,2020-06-09,,,1.0,"A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:microsoft:azure_devops_server:2019:update1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:azure_devops_server:2019:update1.1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:azure_devops_server:2019.0.1:*:*:*:*:*:*:*']",0,0
CVE-2020-1366,Microsoft,0.00043,7.8,0.0,0.0,0.0,1.0,0,2020-07-14,1.0,2020-07-14,,,1.0,"An elevation of privilege vulnerability exists when the Windows Print Workflow Service improperly handles objects in memory, aka 'Windows Print Workflow Service Elevation of Privilege Vulnerability'.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1452,Microsoft,0.0067,8.6,0.0,0.0,1.0,0.0,0,2020-09-11,1.0,2020-09-08,,,1.0,"<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p>
<p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p>
<p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,LOW,HIGH,3.9,4.7,['CWE-494'],"['cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*']",0,0
CVE-2020-3927,Microsoft,0.00071,7.5,0.0,0.0,0.0,1.0,0,2020-02-03,0.0,,0.0,,,"An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-552'],"['cpe:2.3:a:changingtec:servisign:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-4414,Microsoft,0.00042,4.4,0.0,0.0,0.0,1.0,0,2020-07-01,1.0,2020-12-10,,,0.0,"IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. IBM X-Force ID: 179989.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,LOW,MEDIUM,1.8,2.5,['NVD-CWE-noinfo'],"['cpe:2.3:a:ibm:db2:9.7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.1.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:10.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:db2:11.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-4842,Microsoft,0.00196,4.9,0.0,0.0,0.0,1.0,0,2020-12-21,1.0,2020-09-16,,,1.0,IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190046.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-209'],"['cpe:2.3:a:ibm:security_secret_server:10.6:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-4935,Microsoft,0.0005,5.4,0.0,0.0,0.0,1.0,0,2021-07-01,1.0,2021-06-30,,,1.0,IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191753.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:ibm:datacap_navigator:9.1.7:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6938,Microsoft,0.00149,7.5,0.0,0.0,0.0,1.0,0,2020-07-08,0.0,,0.0,,,"A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-532'],"['cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tableau:tableau_server:10.5:*:*:*:*:*:*:*']",0,0
CVE-2020-8844,Microsoft,0.54609,7.8,0.0,0.0,0.0,1.0,0,2020-02-14,0.0,,0.0,,,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files within CovertToPDF. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9102.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:a:foxitsoftware:reader:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0076,Microsoft,0.00044,5.5,0.0,0.0,0.0,1.0,0,2022-02-09,0.0,,0.0,,,"Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:o:intel:amt_ac_8260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_ac_8265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_ac_9260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_ac_9560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_wi-fi_6_ax200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_wi-fi_6_ax201:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:amt_wi-fi_6_ax210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:amt_wi-fi_6_ax210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_3165_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_3168_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_8260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_8265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_9260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_9461_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_9462_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_ac_9560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:proset_wireless_7265_\\(rev_d\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:proset_wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:killer_ac_1550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1051,Microsoft,0.00042,8.4,0.0,0.0,0.0,1.0,0,2021-01-08,0.0,,0.0,,,"NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H,LOCAL,LOW,LOW,NONE,CHANGED,NONE,HIGH,HIGH,HIGH,2.0,5.8,['CWE-269'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1088,Microsoft,0.00044,4.4,0.0,0.0,0.0,1.0,0,2021-11-20,0.0,,0.0,,,"NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1492,Microsoft,0.00042,7.1,0.0,0.0,0.0,1.0,0,2021-03-25,0.0,,0.0,,,"The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authentication Proxy installer, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. This is only exploitable during new installations, while the installer is running, and is not exploitable once installation has finished. Versions 5.2.1 of Duo Authentication Proxy installer addresses this issue.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,1.8,5.2,['CWE-64'],"['cpe:2.3:a:duo:authentication_proxy:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2022-2188,Microsoft,0.00042,5.5,0.0,0.0,0.0,1.0,0,2022-11-07,1.0,2022-06-29,,,1.0,"Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-732'],"['cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22319,Microsoft,0.00096,5.4,0.0,0.0,0.0,1.0,0,2022-05-09,1.0,2022-04-01,,,1.0,IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,LOW,MEDIUM,2.8,2.5,['NVD-CWE-noinfo'],"['cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:robotic_process_automation:21.0.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:ibm:robotic_process_automation_as_a_service:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23764,Microsoft,0.0048,9.8,0.0,0.0,0.0,1.0,0,2022-08-17,0.0,,0.0,,,"The vulnerability causing from insufficient verification procedures for downloaded files during WebCube update. Remote attackers can bypass this verification logic to update both digitally signed and unauthorized files, enabling remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-346'],"['cpe:2.3:a:teruten:webcube:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2016-0862,General Electric,0.00184,6.5,1.0,1.0,0.0,1.0,1,2016-02-05,1.0,2018-08-23,,,0.0,General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:ge:snmp\\/web_adapter_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:snmp\\/web_adapter_1024746:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:snmp\\/web_adapter_1024747:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:snmp\\/web_adapter_1024748:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:snmp\\/web_adapter_1024921:-:*:*:*:*:*:*:*']",1,1
CVE-2016-2310,General Electric,0.00423,9.8,0.0,1.0,0.0,1.0,1,2016-06-09,1.0,2016-06-07,,,1.0,"General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:ge:multilink_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml1600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml2400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml800:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml3100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilink_ml810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilink_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-5788,General Electric,0.00637,10.0,0.0,1.0,0.0,1.0,1,2016-11-25,1.0,2016-10-16,,,1.0,"General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-254'],"['cpe:2.3:o:ge:bently_nevada_3500\\/22m_usb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:bently_nevada_3500\\/22m_usb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:bently_nevada_3500\\/22m_serial_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:bently_nevada_3500\\/22m_serial:-:*:*:*:*:*:*:*']",0,0
CVE-2016-9360,General Electric,0.00067,6.7,0.0,0.0,1.0,0.0,1,2017-02-13,0.0,,0.0,,,"An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or she has access to an authenticated session.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,LOW,LOW,MEDIUM,0.8,5.3,['CWE-522'],"['cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:historian:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:ifix:*:*:*:*:*:*:*:*']",0,0
CVE-2017-12732,General Electric,0.00612,6.8,0.0,0.0,1.0,0.0,1,2017-10-05,0.0,,0.0,,,"A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution.",CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['CWE-119', 'CWE-121']",['cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:*:*:*:*:*:*:*:*'],0,0
CVE-2017-14002,General Electric,0.00231,9.8,0.0,1.0,0.0,1.0,1,2018-03-20,1.0,2018-03-13,,,1.0,GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-798', 'CWE-287']","['cpe:2.3:o:ge:infinia_hawkeye_4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:infinia_hawkeye_4:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14006,General Electric,0.00355,9.8,0.0,0.0,1.0,0.0,1,2018-03-20,1.0,2018-03-13,,,1.0,"GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-798', 'CWE-287']","['cpe:2.3:a:ge:xeleris:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:xeleris:1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:xeleris:2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:xeleris:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:xeleris:3.1:*:*:*:*:*:*:*']",0,0
CVE-2017-7905,General Electric,0.00207,9.8,0.0,1.0,0.0,1.0,1,2017-06-30,0.0,,0.0,,,"A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-326', 'CWE-261']","['cpe:2.3:o:ge:multilin_sr_750_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_750_feeder_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_sr_760_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_760_feeder_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_sr_469_motor_protection_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_469_motor_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_sr_489_generator_protection_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_489_generator_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_sr_745_transformer_protection_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_745_transformer_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_sr_369_motor_protection_relay_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_sr_369_motor_protection_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_universal_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_universal_relay:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_urplus_d90_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_urplus_d90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_urplus_c90_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_urplus_c90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_urplus_b95_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_urplus_b95:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10611,General Electric,0.03999,9.8,0.0,0.0,1.0,0.0,1,2018-06-04,1.0,2018-05-31,,,1.0,Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*']",0,0
CVE-2018-10615,General Electric,0.00168,8.1,0.0,0.0,1.0,0.0,1,2018-06-04,1.0,2018-05-31,,,1.0,Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,"['CWE-22', 'CWE-23']","['cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*']",0,0
CVE-2018-15362,General Electric,0.0028,9.1,0.0,0.0,1.0,0.0,1,2018-12-07,1.0,2018-12-06,,,1.0,"XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-611'],"['cpe:2.3:a:ge:cimplicity:9.0_r2:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:cimplicity:9.5:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:cimplicity:10.0:*:*:*:*:*:*:*']",0,0
CVE-2018-17925,General Electric,0.00044,4.8,0.0,0.0,1.0,0.0,1,2018-10-10,1.0,2017-06-30,,,1.0,"Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users to the reported vulnerability. The reported method shown to impact Internet Explorer is not exposed in the iFIX product, nor is the core functionality of the iFIX product known to be impacted.",CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,1.3,3.4,"['NVD-CWE-noinfo', 'CWE-623']",['cpe:2.3:a:ge:ifix:*:*:*:*:*:*:*:*'],0,0
CVE-2018-5473,General Electric,0.03792,9.8,0.0,1.0,0.0,1.0,1,2018-02-19,1.0,2018-02-12,,,1.0,An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:ge:d60_line_distance_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:d60_line_distance_relay:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5475,General Electric,0.01753,9.8,0.0,1.0,0.0,1.0,1,2018-02-19,1.0,2018-02-12,,,1.0,"A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:ge:d60_line_distance_relay_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:d60_line_distance_relay:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8867,General Electric,0.00132,7.5,0.0,1.0,0.0,1.0,1,2018-05-18,1.0,2018-05-21,,,0.0,"In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:ge:pacsystems_rx3i_cpe305_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_rx3i_cpe305:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:pacsystems_rx3i_cpe310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_rx3i_cpe310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rx3i_cpe330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rx3i_cpe330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rx3i_cpe_400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rx3i_cpe_400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:pacsystems_rsti-ep_cpe_100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_rsti-ep_cpe_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:pacsystems_cpu320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_cpu320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:pacsystems_cru320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_cru320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:pacsystems_rxi_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:pacsystems_rxi:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10966,General Electric,0.00073,5.3,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,1.0,2019-07-24,,"In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-287'],"['cpe:2.3:o:ge:aestiva_7100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:aestiva_7100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:aestiva_7900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:aestiva_7900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:aespire_7100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:aespire_7100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:aespire_7900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:aespire_7900:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18255,General Electric,0.00042,5.5,0.0,0.0,1.0,0.0,1,2021-02-18,1.0,2021-02-09,,,1.0,HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-732'],['cpe:2.3:a:ge:ifix:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16242,General Electric,0.001,6.1,0.0,1.0,0.0,1.0,1,2020-09-25,1.0,2020-09-28,,,0.0,"The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ge:s2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:s2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:s2024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:s2024:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27263,General Electric,0.01554,9.1,0.0,0.0,1.0,0.0,1,2021-01-14,1.0,2021-01-05,,,1.0,"KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,"['CWE-787', 'CWE-122']","['cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*', 'cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*', 'cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*', 'cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*']",0,0
CVE-2020-27267,General Electric,0.01554,9.1,0.0,0.0,1.0,0.0,1,2021-01-14,1.0,2021-01-05,,,1.0,"KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,"['CWE-787', 'CWE-416']","['cpe:2.3:a:ge:industrial_gateway_server:7.66:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:industrial_gateway_server:7.68.804:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:kepware_kepserverex:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:kepware_kepserverex:6.9:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:opc-aggregator:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_industrial_connectivity:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_kepware_server:6.8:*:*:*:*:*:*:*', 'cpe:2.3:a:ptc:thingworx_kepware_server:6.9:*:*:*:*:*:*:*', 'cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.6.504.0:*:*:*:*:*:*:*', 'cpe:2.3:a:rockwellautomation:kepserver_enterprise:6.9.572.0:*:*:*:*:*:*:*', 'cpe:2.3:a:softwaretoolbox:top_server:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6992,General Electric,0.00042,6.7,0.0,0.0,1.0,0.0,1,2020-04-15,1.0,2020-01-31,,,1.0,"A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an attacker has access to an authenticated session. GE Digital CIMPLICITY v11.0, released January 2020, contains mitigation for this local privilege escalation vulnerability. GE Digital recommends all users upgrade to GE CIMPLICITY v11.0 or newer.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-269'],['cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*'],0,0
CVE-2021-27438,General Electric,0.0009,8.8,0.0,1.0,0.0,0.0,1,2021-03-25,1.0,2021-03-23,,,1.0,The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-798', 'CWE-94']","['cpe:2.3:o:ge:reason_dr60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:reason_dr60:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27450,General Electric,0.00044,7.8,0.0,1.0,0.0,0.0,1,2021-03-25,1.0,2021-03-23,,,1.0,"SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-326'],"['cpe:2.3:o:ge:mu320e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:mu320e:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27454,General Electric,0.00044,7.8,0.0,1.0,0.0,0.0,1,2021-03-25,1.0,2021-03-23,,,1.0,"The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-269', 'CWE-250']","['cpe:2.3:h:ge:reason_dr60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:reason_dr60_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-21798,General Electric,0.00193,9.8,0.0,0.0,1.0,0.0,1,2022-02-25,1.0,2022-02-24,,,1.0,"The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-319'],['cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*'],0,0
CVE-2017-14004,General Electric,0.00355,9.8,0.0,0.0,1.0,0.0,0,2018-03-20,1.0,2018-03-13,,,1.0,GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-798', 'CWE-287']",['cpe:2.3:a:ge:gemnet_license_server:-:*:*:*:*:*:*:*'],0,0
CVE-2017-7908,General Electric,0.00081,7.6,0.0,0.0,1.0,0.0,0,2018-10-02,1.0,2018-10-02,,,1.0,"A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,HIGH,HIGH,2.8,4.7,"['CWE-119', 'CWE-122']","['cpe:2.3:a:gigasoft:proessentials:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19003,General Electric,0.00116,7.5,0.0,1.0,0.0,1.0,0,2018-12-14,1.0,2018-12-13,,,1.0,"GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fails to restrict the ability of an attacker to gain access to restricted information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:ge:ex2100e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:ex2100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:ls2100e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:ls2100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:ex2100e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:ex2100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:ls2100e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:ls2100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:mark_vle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:mark_vle:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13554,General Electric,0.00104,8.8,0.0,0.0,0.0,1.0,0,2020-04-07,0.0,,1.0,2019-10-15,,GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-Other', 'CWE-285']",['cpe:2.3:o:ge:mark_vie_control_system:-:*:*:*:*:*:*:*'],0,0
CVE-2019-6544,General Electric,0.00093,5.6,0.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-02,,,1.0,"GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,LOW,MEDIUM,2.2,3.4,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*'],0,0
CVE-2019-6546,General Electric,0.00065,7.8,0.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-02,,,1.0,"GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*'],0,0
CVE-2019-6548,General Electric,0.00213,9.8,0.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-02,,,1.0,"GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],['cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*'],0,0
CVE-2019-6564,General Electric,0.00065,7.8,0.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-02,,,1.0,"GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*'],0,0
CVE-2020-12017,General Electric,0.0024,9.8,0.0,1.0,0.0,1.0,0,2020-06-02,1.0,2020-06-02,,,1.0,"GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute arbitrary commands and send a request to a specific URL that could cause the device to become unresponsive. The unauthenticated attacker may change the password of the 'configuration' user account, allowing the attacker to modify the configuration of the device via the web interface using the new password. This vulnerability may also allow an unauthenticated attacker to bypass the authentication required to configure the device and reboot the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:h:ge:rt430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt431:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt434_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-16240,General Electric,0.0008,5.3,0.0,0.0,1.0,0.0,0,2020-09-23,1.0,2021-01-05,,,0.0,"GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users who should not have access to such functionality. An attacker can download sensitive data related to user accounts without having the proper privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-639'],['cpe:2.3:a:ge:asset_performance_management_classic:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16244,General Electric,0.00104,7.2,0.0,0.0,1.0,0.0,0,2020-09-23,1.0,2020-09-22,,,1.0,"GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data and then retrieve the actual passwords.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['NVD-CWE-Other', 'CWE-759']",['cpe:2.3:a:ge:asset_performance_management_classic:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16246,General Electric,0.001,6.1,0.0,1.0,0.0,1.0,0,2020-10-20,1.0,2020-09-28,,,1.0,"The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:ge:s2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:s2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:s2024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:s2024_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-25193,General Electric,0.00074,5.3,0.0,1.0,0.0,1.0,0,2022-03-18,1.0,2021-01-05,,,1.0,"By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-798', 'CWE-321']","['cpe:2.3:o:ge:rt430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt431:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt434:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25197,General Electric,0.00271,8.8,0.0,1.0,0.0,1.0,0,2022-03-18,1.0,2021-01-05,,,1.0,"A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-94'],"['cpe:2.3:h:ge:rt430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt431:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:rt434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:rt434_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6977,General Electric,0.00067,6.8,0.0,1.0,0.0,1.0,0,2020-02-20,0.0,,1.0,2020-02-18,,"A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resulting in access to the underlying operating system. Affected devices include the following GE Ultrasound Products: Vivid products - all versions; LOGIQ - all versions not including LOGIQ 100 Pro; Voluson - all versions; Versana Essential - all versions; Invenia ABUS Scan station - all versions; Venue - all versions not including Venue 40 R1-3 and Venue 50 R4-5",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['CWE-20', 'CWE-693']","['cpe:2.3:h:ge:vivid_e95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_e95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:vivid_e90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_e90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:vivid_s70n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_s70n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:vivid_t8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_t8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:vivid_t9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_t9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:vivid_iq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:vivid_iq_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_e10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_e10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_e9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_e9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_s8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_s8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_s7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_s7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_p9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_p9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:logiq_e9_with_xdclear_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:logiq_e9_with_xdclear:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:voluson_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:voluson:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:versana_essential_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:versana_essential:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:invenia_abus_scan_station_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:invenia_abus_scan_station:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:venue_go_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:venue_go:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27418,General Electric,0.001,6.1,0.0,1.0,0.0,1.0,0,2022-03-23,1.0,2021-03-16,,,1.0,"GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTML encoding of user-supplied strings.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,"['CWE-79', 'CWE-20']","['cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27420,General Electric,0.00086,5.3,0.0,1.0,0.0,1.0,0,2022-03-23,1.0,2021-03-16,,,1.0,"GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the web server becoming temporarily unresponsive after receiving a series of unsupported HTTP requests. When unresponsive, the web server is inaccessible. By itself, this is not particularly significant as the relay remains effective in all other functionality and communication channels.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-20'],"['cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27422,General Electric,0.00152,7.5,0.0,1.0,0.0,1.0,0,2022-03-23,1.0,2021-03-16,,,1.0,GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-319', 'CWE-200']","['cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27426,General Electric,0.00213,9.8,0.0,1.0,0.0,1.0,0,2022-03-23,1.0,2021-03-16,,,1.0,"GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['NVD-CWE-Other', 'CWE-453']","['cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27428,General Electric,0.00213,9.8,0.0,1.0,0.0,1.0,0,2022-03-23,1.0,2021-03-16,,,1.0,"GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without appropriate privileges. The weakness is assessed, and mitigation is implemented in firmware Version 8.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-434'],"['cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27430,General Electric,0.00065,6.8,0.0,0.0,1.0,0.0,0,2022-03-23,1.0,2021-03-16,,,1.0,"GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-798'],"['cpe:2.3:a:ge:ur_bootloader_binary:7.00:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:ur_bootloader_binary:7.01:*:*:*:*:*:*:*', 'cpe:2.3:a:ge:ur_bootloader_binary:7.02:*:*:*:*:*:*:*']",0,0
CVE-2021-31477,General Electric,0.00924,7.3,0.0,1.0,0.0,1.0,0,2021-06-16,1.0,2021-03-26,,,1.0,This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-coded default credentials. An attacker can leverage this vulnerability to execute code in the context of the download user. Was ZDI-CAN-11852.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,HIGH,3.9,3.4,['CWE-798'],"['cpe:2.3:h:ge:rpv311:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ge:reason_rpv311_firmware:14a03:*:*:*:*:*:*:*']",0,0
CVE-2021-44477,General Electric,0.00195,7.5,0.0,0.0,1.0,0.0,0,2022-03-25,1.0,2022-01-25,,,1.0,GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project/template file.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-611'],['cpe:2.3:a:ge:toolboxst:*:*:*:*:*:*:*:*'],0,0
CVE-2022-23921,General Electric,0.00042,7.8,0.0,0.0,1.0,0.0,0,2022-02-25,1.0,2022-02-22,,,1.0,"Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-269'],['cpe:2.3:a:ge:proficy_cimplicitiy:*:*:*:*:*:*:*:*'],0,0
CVE-2022-37952,General Electric,0.00072,6.1,0.0,0.0,1.0,0.0,0,2022-08-25,1.0,2022-08-24,,,1.0,"A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an attacker to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:ge:workstationst:*:*:*:*:*:*:*:*'],0,0
CVE-2016-10042,Arcadyan,0.00096,7.5,0.0,1.0,0.0,1.0,1,2017-06-29,1.0,2016-12-15,,,1.0,"Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka Swisscom Internet-Box) devices before R7.7 allows unauthorized reconfiguration of the static routing table via an unauthenticated HTTP request, leading to denial of service and information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-284'],"['cpe:2.3:o:arcadyan:swisscom_internet-box_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arcadyan:swisscom_internet-box:-:*:*:*:light:*:*:*', 'cpe:2.3:h:arcadyan:swisscom_internet-box:-:*:*:*:plus:*:*:*', 'cpe:2.3:h:arcadyan:swisscom_internet-box:-:*:*:*:standard:*:*:*']",0,0
CVE-2016-10115,Netgear,0.00676,9.8,0.0,1.0,0.0,0.0,1,2017-01-04,0.0,,0.0,,,"NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:netgear:arlo_base_station_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:vmb30x0:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:vmk3xx0:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:vms3xx0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:arlo_q_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:vmc3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:arlo_q_plus_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:vmc3040s:-:*:*:*:*:*:*:*']",0,0
CVE-2016-10176,Netgear,0.29595,9.8,1.0,1.0,0.0,0.0,1,2017-01-30,1.0,2017-06-09,,,0.0,"The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*']",1,0
CVE-2016-11060,Netgear,0.00103,7.5,0.0,1.0,0.0,0.0,1,2020-04-28,1.0,2017-02-10,,,1.0,"Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:fvs318g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:fvs318g:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:fvs318n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:fvs318n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:fvs336g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:fvs336g:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:srx5308_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1525,Netgear,0.26421,8.6,1.0,0.0,1.0,0.0,1,2016-02-13,0.0,,0.0,,,Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE,HIGH,3.9,4.0,['CWE-22'],['cpe:2.3:a:netgear:prosafe_network_management_software_300:1.5.0.11:*:*:*:*:*:*:*'],2,1
CVE-2017-18378,Netgear,0.02954,9.8,0.0,1.0,0.0,0.0,1,2019-06-11,1.0,2017-09-28,,,1.0,"In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmp_upload_dir, leading to upgrade_handle.php?cmd=writeuploaddir remote command execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:netgear:readynas_surveillance_firmware:*:*:*:*:*:*:arm:*', 'cpe:2.3:o:netgear:readynas_surveillance_firmware:*:*:*:*:*:*:x86:*', 'cpe:2.3:h:netgear:readynas_surveillance:-:*:*:*:*:*:*:*']",0,0
CVE-2017-18699,Netgear,0.00044,6.8,0.0,1.0,0.0,0.0,1,2020-04-24,1.0,2017-12-23,,,1.0,Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-787'],"['cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*']",0,0
CVE-2017-18773,Netgear,0.00044,6.7,0.0,1.0,0.0,0.0,1,2020-04-22,1.0,2017-10-27,,,1.0,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6100 before V1.0.0.55, D7800 before V1.0.1.24, EX6150v2 before 1.0.0.48, R6100 before 1.0.1.14, R7500 before 1.0.0.110, R7500v2 before V1.0.3.16, R7800 before V1.0.2.36, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.48.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-74'],"['cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*']",0,0
CVE-2017-18784,Netgear,0.00078,6.1,0.0,1.0,0.0,0.0,1,2020-04-22,1.0,2017-10-25,,,1.0,"Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6077,Netgear,0.9615,9.8,1.0,1.0,0.0,0.0,1,2017-02-22,0.0,,0.0,,,ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200:-:*:*:*:*:*:*:*']",1,0
CVE-2017-6334,Netgear,0.96741,8.8,1.0,1.0,0.0,0.0,1,2017-03-06,0.0,,0.0,,,"dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the host_name field of an HTTP POST request, a different vulnerability than CVE-2017-6077.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:netgear:dgn2200_series_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*']",3,2
CVE-2017-6366,Netgear,0.00183,8.8,1.0,1.0,0.0,0.0,1,2017-03-15,0.0,,0.0,,,Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*']",1,0
CVE-2018-21097,Netgear,0.0025,9.8,0.0,1.0,0.0,0.0,1,2020-04-27,1.0,2018-12-07,,,1.0,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, and WND930 before 2.1.5.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:netgear:wac505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wac505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wac510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wac510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wac120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wac120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wn604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnap210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnap210:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndap350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndap360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndap660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndap660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndap620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndap620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnd930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnd930:-:*:*:*:*:*:*:*']",0,0
CVE-2018-21116,Netgear,0.00222,8.8,0.0,1.0,0.0,0.0,1,2020-04-22,1.0,2018-09-26,,,1.0,NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-21222,Netgear,0.00079,8.8,0.0,1.0,0.0,0.0,1,2020-04-28,1.0,2022-02-22,,,0.0,"Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19494,Netgear,0.15168,8.8,0.0,1.0,0.0,0.0,1,2020-01-09,0.0,,0.0,,,"Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:3.428.0:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:4.83.0:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3686:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:cg3700emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:c6250emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7230_steb_firmware:01.25:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7230_steb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7284e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7284e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7486e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7486e:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20683,Netgear,0.00079,8.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-12-04,,,1.0,"Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20689,Netgear,0.00044,6.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-12-04,,,1.0,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6000 before 1.0.0.75, D6100 before 1.0.0.63, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3100RPv2 before 1.0.0.60, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-77'],"['cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20690,Netgear,0.00069,8.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-12-04,,,1.0,"Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.30, D7000 before 1.0.1.66, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.68, WNR2020 before 1.1.0.54, and WNR614 before 1.1.0.54.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr614:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20726,Netgear,0.00044,6.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-09-04,,,1.0,"Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-77'],"['cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20745,Netgear,0.00044,6.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-05-30,,,1.0,Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 5.0.10.2 and WAC510 before 5.0.10.2.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-77'],"['cpe:2.3:o:netgear:wac505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wac505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wac510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wac510:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20765,Netgear,0.00044,6.8,0.0,1.0,0.0,0.0,1,2020-04-16,1.0,2019-03-11,,,1.0,NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-787'],"['cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25067,Netgear,0.00078,8.8,0.0,1.0,0.0,0.0,1,2020-09-01,1.0,2020-07-31,,,1.0,NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-26901,Netgear,0.0007,6.5,0.0,1.0,0.0,0.0,1,2020-10-09,1.0,2020-09-17,,,1.0,"Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*']",0,0
CVE-2020-26919,Netgear,0.97211,9.8,0.0,1.0,0.0,0.0,1,2020-10-09,1.0,2020-09-17,,,1.0,NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:netgear:jgs516pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:jgs516pe:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27873,Netgear,0.00173,6.5,0.0,1.0,0.0,0.0,1,2021-02-04,1.0,2020-12-16,,,1.0,"This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11559.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,"['CWE-863', 'CWE-284']","['cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28373,Netgear,0.00097,8.8,0.0,1.0,0.0,0.0,1,2020-11-09,0.0,,0.0,,,"upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6400v2_firmware:1.0.4.102_10.0.75:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6400_firmware:1.0.1.62_1.0.41:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000p_firmware:1.3.2.126_10.1.66:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr300_firmware:1.0.3.50_10.3.36:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8000_firmware:1.0.4.62:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8300_firmware:1.0.2.136:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8500_firmware:1.0.2.136:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7300dst_firmware:1.0.0.74:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7850_firmware:1.0.5.64:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7900_firmware:1.0.4.30:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rax20_firmware:1.0.2.64:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rax80_firmware:1.0.3.102:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6250_firmware:1.0.4.44:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35818,Netgear,0.00054,4.8,0.0,1.0,0.0,0.0,1,2020-12-30,1.0,2020-12-22,,,1.0,"Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35834,Netgear,0.00054,4.8,0.0,1.0,0.0,0.0,1,2020-12-30,1.0,2020-12-15,,,1.0,"Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5641,Netgear,0.00075,6.5,0.0,1.0,0.0,0.0,1,2020-11-24,1.0,2020-10-29,,,1.0,Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:h:netgear:gs108ev3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:gs108ev3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-29079,Netgear,0.00078,9.6,0.0,1.0,0.0,0.0,1,2021-03-23,1.0,2021-03-18,,,1.0,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-77'],"['cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*']",0,0
CVE-2021-38516,Netgear,0.00263,9.8,0.0,1.0,0.0,0.0,1,2021-08-11,1.0,2021-06-17,,,1.0,"Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45077,Netgear,0.00168,7.5,0.0,1.0,0.0,0.0,1,2021-12-30,0.0,,0.0,,,"Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:netgear:r6700_firmware:1.0.4.120:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45496,Netgear,0.00217,9.8,0.0,1.0,0.0,0.0,1,2021-12-26,1.0,2021-12-22,,,1.0,NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45512,Netgear,0.00222,9.8,0.0,1.0,0.0,0.0,1,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-327'],"['cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45516,Netgear,0.00044,4.5,0.0,1.0,0.0,0.0,1,2021-12-26,1.0,2021-09-25,,,1.0,"Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*']",0,0
CVE-2022-31937,Netgear,0.00224,9.8,0.0,1.0,0.0,0.0,1,2022-09-22,0.0,,0.0,,,Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:netgear:wnr2000v4_firmware:1.0.0.70:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnr2000v4:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18471,Netgear,0.01105,9.8,0.0,1.0,0.0,0.0,0,2019-06-19,0.0,,0.0,,,"/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can be triggered by anyone who knows the IP address of the affected device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-611'],"['cpe:2.3:o:axentra:hipserv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:lifecloud:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:stora:-:*:*:*:*:*:*:*', 'cpe:2.3:h:seagate:goflex_home:-:*:*:*:*:*:*:*']",0,0
CVE-2020-26930,Netgear,0.00054,3.8,0.0,1.0,0.0,0.0,0,2020-10-09,1.0,2020-09-17,,,1.0,NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,NONE,LOW,1.2,2.5,['CWE-1188'],"['cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28041,Netgear,0.0964,6.5,0.0,1.0,0.0,0.0,0,2020-11-02,0.0,,0.0,,,"The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection progress and fragmentation affect the meaning of the packet data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-276'],"['cpe:2.3:o:netgear:nighthawk_r7000_firmware:1.0.9.64_10.2.64:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:nighthawk_r7000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27272,Netgear,0.01075,7.1,0.0,0.0,1.0,0.0,0,2021-03-29,1.0,2020-12-22,,,1.0,"This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ReportTemplateController class. When parsing the path parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12123.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,2.8,4.2,['CWE-22'],['cpe:2.3:a:netgear:prosafe_network_management_system:1.6.0.26:*:*:*:*:*:*:*'],0,0
CVE-2021-27273,Netgear,0.07589,8.8,0.0,0.0,1.0,0.0,0,2021-03-29,1.0,2020-12-16,,,1.0,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SettingConfigController class. When parsing the fileName parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12121.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],['cpe:2.3:a:netgear:prosafe_network_management_system:1.6.0.26:*:*:*:*:*:*:*'],0,0
CVE-2021-27274,Netgear,0.05887,9.8,0.0,0.0,1.0,0.0,0,2021-03-29,1.0,2021-03-30,,,0.0,This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12124.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-434'],['cpe:2.3:a:netgear:prosafe_network_management_system:1.6.0.26:*:*:*:*:*:*:*'],0,0
CVE-2021-27275,Netgear,0.02154,8.3,0.0,0.0,1.0,0.0,0,2021-03-29,1.0,2021-03-30,,,0.0,"This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ConfigFileController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-12125.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,HIGH,HIGH,2.8,5.5,['CWE-22'],['cpe:2.3:a:netgear:prosafe_network_management_system:1.6.0.26:*:*:*:*:*:*:*'],0,0
CVE-2021-27276,Netgear,0.01075,7.1,0.0,0.0,1.0,0.0,0,2021-03-29,1.0,2020-12-22,,,1.0,"This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MibController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12122.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,2.8,4.2,['CWE-22'],['cpe:2.3:a:netgear:prosafe_network_management_system:1.6.0.26:*:*:*:*:*:*:*'],0,0
CVE-2021-34870,Netgear,0.00138,6.5,0.0,1.0,0.0,0.0,0,2022-01-25,1.0,2021-09-02,,,1.0,"This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue results from a lack of authentication required for a privileged request. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13325.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-306'],"['cpe:2.3:o:netgear:xr1000:1.0.0.52_1.0.38:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45494,Netgear,0.00044,4.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:netgear:rbk352:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbk352_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-45513,Netgear,0.00078,9.6,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-77'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45514,Netgear,0.00078,8.8,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45517,Netgear,0.00058,6.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45518,Netgear,0.00058,6.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45519,Netgear,0.00058,6.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45520,Netgear,0.0007,8.8,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-798'],"['cpe:2.3:o:netgear:rbk352_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk352:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45521,Netgear,0.0007,6.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-798'],"['cpe:2.3:o:netgear:rbk352_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk352:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45652,Netgear,0.00168,7.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:netgear:rbk352_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk352:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45653,Netgear,0.00168,7.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,"Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:netgear:rbk352_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbk352:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbr350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbr350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:rbs350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rbs350:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45654,Netgear,0.00168,7.5,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-09-26,,,1.0,NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45678,Netgear,0.00222,9.8,0.0,1.0,0.0,0.0,0,2021-12-26,1.0,2021-10-01,,,1.0,NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*']",0,0
CVE-2022-29383,Netgear,0.3782,9.8,0.0,1.0,0.0,0.0,0,2022-05-13,0.0,,0.0,,,NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:o:netgear:ssl312_firmware:fvs336gv2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:ssl312_firmware:fvs336gv3:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:ssl312:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30078,Netgear,0.03173,8.8,0.0,1.0,0.0,0.0,0,2022-09-07,0.0,,0.0,,,"NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*']",0,0
CVE-2022-30079,Netgear,0.12254,8.8,0.0,1.0,0.0,0.0,0,2022-09-08,0.0,,0.0,,,Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:netgear:r6200:r6200v2-v1.0.3.12:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*']",0,0
CVE-2016-10135,LG,0.00069,5.5,0.0,0.0,0.0,1.0,1,2017-01-13,0.0,,0.0,,,"An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with a package name of com.mediatek.mtklogger has application components that are accessible to any application that resides on the device. Namely, the com.mediatek.mtklogger.framework.LogReceiver and com.mediatek.mtklogger.framework.MTKLoggerService application components are exported since they contain an intent filter, are not protected by a custom permission, and do not explicitly set the android:exported attribute to false. Therefore, these components are exported by default and are thus accessible to any third party application by using android.content.Intent object for communication. These application components can be used to start and stop the logs using Intent objects with embedded data. The available logs are the GPS log, modem log, network log, and mobile log. The base directory that contains the directories for the 4 types of logs is /sdcard/mtklog which makes them accessible to apps that require the READ_EXTERNAL_STORAGE permission. The GPS log contains the GPS coordinates of the user as well as a timestamp for the coordinates. The modem log contains AT commands and their parameters which allow the user's outgoing and incoming calls and text messages to be obtained. The network log is a tcpdump network capture. The mobile log contains the Android log, which is not available to third-party apps as of Android 4.1. The LG ID is LVE-SMP-160019.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:lg:lg_mobile:5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lg_mobile:5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lg_mobile:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lg_mobile:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lg_mobile:7.0:*:*:*:*:*:*:*']",0,0
CVE-2017-15361,LG,0.00376,5.9,0.0,1.0,0.0,0.0,1,2017-10-16,1.0,2017-11-08,,,0.0,"The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*', 'cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*']",0,0
CVE-2018-14839,LG,0.9388,9.8,0.0,1.0,0.0,1.0,1,2019-05-14,0.0,,0.0,,,LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:lg:n1a1_firmware:3718.510:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:n1a1:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14981,LG,0.00125,9.8,0.0,1.0,0.0,0.0,1,2018-08-17,0.0,,0.0,,,Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-732'],"['cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30s_thinq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14982,LG,0.00125,9.8,0.0,1.0,0.0,0.0,1,2018-08-17,0.0,,0.0,,,Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-732'],"['cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30s_thinq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15482,LG,0.00131,9.8,0.0,1.0,0.0,0.0,1,2018-08-17,0.0,,0.0,,,Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-732'],"['cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30s_thinq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16946,LG,0.43689,7.5,1.0,1.0,0.0,1.0,1,2018-09-12,0.0,,0.0,,,"LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-552'],"['cpe:2.3:o:lg:lnb5110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnb5110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnb5320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnb5320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnb5320r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnb5320r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnb7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnb7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd3230r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd3230r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd5110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd5110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd5110r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd5110r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd5220r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnd7210r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnd7210r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnu3230r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnu3230r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnu5110r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnu5110r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnu5320r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnu5320r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnu7210r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnu7210r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnv5110r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnv5110r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnv5320r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnv5320r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnv7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnv7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lg:lnv7210r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:lnv7210r:-:*:*:*:*:*:*:*']",1,0
CVE-2018-10229,LG,0.00116,4.8,0.0,1.0,0.0,0.0,0,2018-05-04,1.0,2018-05-03,,,1.0,A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.2,2.5,['CWE-200'],"['cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:nexus_5:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16286,LG,0.00659,9.8,0.0,0.0,1.0,0.0,0,2018-09-14,0.0,,0.0,,,"LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],['cpe:2.3:a:lg:supersign_cms:-:*:*:*:*:*:*:*'],0,0
CVE-2018-16287,LG,0.00579,9.8,0.0,0.0,1.0,0.0,0,2018-09-14,0.0,,0.0,,,LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-434'],['cpe:2.3:a:lg:supersign_cms:-:*:*:*:*:*:*:*'],0,0
CVE-2018-16288,LG,0.1037,8.6,1.0,0.0,1.0,0.0,0,2018-09-14,0.0,,0.0,,,LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE,HIGH,3.9,4.0,['CWE-200'],['cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:*'],1,0
CVE-2018-16706,LG,0.00124,7.5,0.0,0.0,1.0,0.0,0,2018-09-14,0.0,,0.0,,,LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-425'],['cpe:2.3:a:lg:supersign_cms:-:*:*:*:*:*:*:*'],0,0
CVE-2018-17173,LG,0.87137,9.8,1.0,0.0,1.0,0.0,0,2018-09-21,0.0,,0.0,,,LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],['cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:*'],2,0
CVE-2019-20769,LG,0.00063,7.8,0.0,1.0,1.0,0.0,0,2020-04-17,0.0,,0.0,,,An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). DLL Hijacking can occur via a Trojan horse DLL in the current working directory. The LG ID is LVE-MOT-190001 (November 2019).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:lg:pc_suite:*:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20777,LG,0.00106,9.8,0.0,1.0,0.0,0.0,0,2020-04-17,0.0,,0.0,,,"An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20781,LG,0.00063,7.8,0.0,0.0,1.0,0.0,0,2020-04-29,0.0,,0.0,,,An issue was discovered in LG Bridge before April 2019 on Windows. DLL Hijacking can occur.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:lg:bridge:*:*:*:*:*:windows:*:*'],0,0
CVE-2020-13839,LG,0.00144,9.8,0.0,1.0,0.0,0.0,0,2020-06-05,0.0,,0.0,,,"An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*']",0,0
CVE-2020-13840,LG,0.00144,9.8,0.0,1.0,0.0,0.0,0,2020-06-05,0.0,,0.0,,,"An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13841,LG,0.00147,9.8,0.0,1.0,0.0,0.0,0,2020-06-05,0.0,,0.0,,,An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13842,LG,0.00044,7.8,0.0,1.0,0.0,0.0,0,2020-06-05,0.0,,0.0,,,"An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-7807,LG,0.00057,5.5,0.0,0.0,1.0,0.0,0,2020-09-14,0.0,,0.0,,,"A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,"['CWE-354', 'CWE-353']","['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:lg:ipsfullhd:1.0.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:lg:lg_ultrawide:1.0.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:lg:lgpcsuite_setup:1.0.0.9:*:*:*:*:*:*:*', 'cpe:2.3:a:lg:ultra_hd_driver_setup:1.0.0.3:*:*:*:*:*:*:*']",0,0
CVE-2020-9759,LG,0.00094,7.8,0.0,0.0,0.0,1.0,0,2020-03-23,1.0,2021-09-30,,,0.0,A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-494'],['cpe:2.3:o:lg:webos:-:*:*:*:*:*:*:*'],0,0
CVE-2021-26688,LG,0.00106,9.8,0.0,1.0,0.0,0.0,0,2021-02-04,0.0,,0.0,,,An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 (February 2021).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:wing:-:*:*:*:*:*:*:*']",0,0
CVE-2021-38306,LG,0.15866,9.8,0.0,1.0,0.0,1.0,0,2021-08-24,0.0,,0.0,,,Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:lg:n1t1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:n1t1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:n1t1dd1:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23727,LG,0.00042,7.8,0.0,0.0,0.0,1.0,0,2022-01-28,0.0,,0.0,,,"There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:o:lg:webos:*:*:*:*:*:*:*:*'],0,0
CVE-2022-23730,LG,0.00233,9.8,0.0,0.0,0.0,1.0,0,2022-03-11,0.0,,0.0,,,The public API error causes for the attacker to be able to bypass API access control.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:o:lg:webos:*:*:*:*:*:*:*:*'],0,0
CVE-2022-23731,LG,0.00044,7.8,0.0,0.0,0.0,1.0,0,2022-03-11,0.0,,0.0,,,"V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-noinfo', 'CWE-264']",['cpe:2.3:o:lg:webos:*:*:*:*:*:*:*:*'],0,0
CVE-2016-10401,Zyxel,0.94119,8.8,1.0,1.0,0.0,1.0,1,2017-07-25,0.0,,0.0,,,"ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it easier for remote attackers to obtain root access if a non-root account password is known (or a non-root default account exists within an ISP's deployment of these devices).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-255'],"['cpe:2.3:o:zyxel:pk5001z_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pk5001z:-:*:*:*:*:*:*:*']",1,0
CVE-2017-3216,Zyxel,0.00754,9.8,0.0,1.0,0.0,1.0,1,2017-06-20,0.0,,1.0,2017-07-24,,"WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:greenpacket:ox350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:greenpacket:ox350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bm2022_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bm2022:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-309m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-309m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-319m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-319m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-319m2w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-319m2w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-339m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-339m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mada:soho_wireless_router_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mada:soho_wireless_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:ox-330p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:ox-330p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218m1w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218m1w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218mw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218mw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max308m_fimware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max308m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max318m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max318m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max338m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max338m:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15602,Zyxel,0.00079,6.1,0.0,1.0,0.0,1.0,1,2018-08-26,0.0,,1.0,2020-03-13,,Zyxel VMG3312 B10B devices are affected by a persistent XSS vulnerability via the pages/connectionStatus/connectionStatus-hostEntry.cmd hostname parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zyxel:vmg3312_b10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3312_b10b:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5330,Zyxel,0.00378,7.5,0.0,1.0,0.0,1.0,1,2018-01-16,0.0,,0.0,,,ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (router unreachable/unresponsive) via a flood of fragmented UDP packets.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:zyxel:p-660hw_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:p-660hw_v3_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9129,Zyxel,0.00147,5.9,0.0,1.0,0.0,1.0,1,2018-08-15,1.0,2018-08-13,,,1.0,ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:zyxel:zywall_110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_1100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn_50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn_100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn_300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_20w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_40w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_60w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_2200-vpn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_1100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_1900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9149,Zyxel,0.00096,6.8,0.0,1.0,0.0,1.0,1,2018-04-01,0.0,,0.0,,,"The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to protect the UART. After an attacker dismantles the device and uses a USB-to-UART cable to connect the device, he can use the 1234 password for the root account to login to the system. Furthermore, an attacker can start the device's TELNET service as a backdoor.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-798'],"['cpe:2.3:o:zyxel:ac3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ac3000:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10630,Zyxel,0.00125,8.8,0.0,1.0,0.0,1.0,1,2019-04-09,0.0,,1.0,2019-04-04,,A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-522'],"['cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10634,Zyxel,0.00072,5.4,0.0,1.0,0.0,1.0,1,2019-04-09,0.0,,1.0,2019-04-04,,"An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12581,Zyxel,0.0035,6.1,0.0,1.0,0.0,1.0,1,2019-06-27,1.0,2019-11-04,,,0.0,"A reflective Cross-site scripting (XSS) vulnerability in the free_time_failed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the err_msg parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:zyxel:uag2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:uag4100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:uag4100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:uag5100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:uag5100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15799,Zyxel,0.01281,8.8,0.0,1.0,0.0,1.0,1,2019-11-14,1.0,2019-11-14,,,1.0,"An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. User accounts created through the web interface of the device, when given non-admin level privileges, have the same level of privileged access as administrators when connecting to the device via SSH (while their permissions via the web interface are in fact restricted). This allows normal users to obtain the administrative password by running the tech-support command via the CLI: this contains the encrypted passwords for all users on the device. As these passwords are encrypted using well-known and static parameters, they can be decrypted and the original passwords (including the administrator password) can be obtained.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-269'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15800,Zyxel,0.00316,9.8,0.0,1.0,0.0,1.0,1,2019-11-14,1.0,2019-11-14,,,1.0,"An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Due to lack of input validation in the cmd_sys_traceroute_exec(), cmd_sys_arp_clear(), and cmd_sys_ping_exec() functions in the libclicmd.so library contained in the firmware, an attacker could leverage these functions to call system() and execute arbitrary commands on the switches. (Note that these functions are currently not called in this version of the firmware, however an attacker could use other vulnerabilities to finally use these vulnerabilities to gain code execution.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15802,Zyxel,0.00261,5.9,0.0,1.0,0.0,1.0,1,2019-11-14,1.0,2019-11-14,,,1.0,"An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-798'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15803,Zyxel,0.01141,9.1,0.0,1.0,0.0,1.0,1,2019-11-14,1.0,2019-11-14,,,1.0,"An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fds_sys_passDebugPasswd_ret(). The firmware contains access control checks that determine if remote users are allowed to access this functionality. The function that performs this check (fds_sys_remoteDebugEnable_ret in libfds.so) always return TRUE with no actual checks performed. The diagnostics menu allows for reading/writing arbitrary registers and various other configuration parameters which are believed to be related to the network interface chips.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-287'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17354,Zyxel,0.00116,9.4,0.0,1.0,0.0,1.0,1,2019-10-09,0.0,,0.0,,,"wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,HIGH,CRITICAL,3.9,5.5,['CWE-306'],"['cpe:2.3:o:zyxel:nbg-418n_v2_firmware:1.00\\(aarp.9\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nbg-418n_v2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7391,Zyxel,0.01068,8.8,1.0,1.0,0.0,1.0,1,2019-03-21,0.0,,0.0,,,ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:zyxel:dsl-491hnu-b10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dsl-491hnu-b10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:dsl-491hnu-b1b_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dsl-491hnu-b1b_v2:-:*:*:*:*:*:*:*']",1,0
CVE-2019-9955,Zyxel,0.03054,6.1,1.0,1.0,0.0,1.0,1,2019-04-22,1.0,2019-04-25,,,0.0,"On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp500_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp800_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20-vpn_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40w_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60w_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg110_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg210_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg310_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1100_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1900_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg2200-vpn_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_110_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_310_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_1100_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*']",1,0
CVE-2020-29583,Zyxel,0.96319,9.8,0.0,1.0,0.0,1.0,1,2020-12-22,1.0,2021-01-04,,,0.0,Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w-vpn_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40w_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60w_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg110_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg210_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg310_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1100_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1900_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg2200_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall110_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall310_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall1100_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100w_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp200_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp500_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp700_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp800_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn50_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn100_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn300_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn1000_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100w_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_200_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_500_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_700_firmware:4.60:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35029,Zyxel,0.00695,9.8,0.0,1.0,0.0,1.0,1,2021-07-02,1.0,2021-07-06,,,0.0,"An authentication bypasss vulnerability in the web-based management interface of Zyxel USG/Zywall series firmware versions 4.35 through 4.64 and USG Flex, ATP, and VPN series firmware versions 4.35 through 5.01, which could allow a remote attacker to execute arbitrary commands on an affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg2200-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35031,Zyxel,0.00044,8.0,0.0,1.0,0.0,1.0,1,2021-12-28,1.0,2022-09-01,,,0.0,"A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xgs1210-12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xgs1210-12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xgs1250-12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xgs1250-12:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35032,Zyxel,0.00042,7.8,0.0,1.0,0.0,1.0,1,2021-12-28,1.0,2022-09-01,,,0.0,A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35034,Zyxel,0.00289,9.1,0.0,1.0,0.0,1.0,1,2021-12-29,1.0,2021-12-30,,,0.0,An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-613'],"['cpe:2.3:o:zyxel:nbg6604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nbg6604:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35035,Zyxel,0.00117,6.5,0.0,1.0,0.0,1.0,1,2021-12-29,1.0,2021-12-30,,,0.0,"A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-312'],"['cpe:2.3:o:zyxel:nbg6604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nbg6604:-:*:*:*:*:*:*:*']",0,0
CVE-2022-0342,Zyxel,0.05823,9.8,0.0,1.0,0.0,1.0,1,2022-03-28,1.0,2022-05-27,,,0.0,"An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nsg300_firmware:1.33:p4:*:*:*:*:*:*']",0,0
CVE-2022-2030,Zyxel,0.00065,6.5,0.0,1.0,0.0,1.0,1,2022-07-19,1.0,2022-07-28,,,0.0,"A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30525,Zyxel,0.97462,9.8,1.0,1.0,0.0,1.0,1,2022-05-12,1.0,2022-05-12,,,1.0,"A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*']",1,0
CVE-2019-15815,Zyxel,0.00064,6.5,0.0,1.0,0.0,1.0,0,2019-11-12,1.0,2019-10-16,,,1.0,ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and earlier do not properly enforce access control and could allow an unauthorized user to access certain pages that require admin privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-639'],"['cpe:2.3:o:zyxel:2.00\\(abbx.3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:p-1302-t10d:3.0:*:*:*:*:*:*:*']",0,0
CVE-2020-13364,Zyxel,0.00102,8.8,0.0,1.0,0.0,1.0,0,2020-08-06,1.0,2020-08-05,,,1.0,"A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-13365,Zyxel,0.00102,8.8,0.0,1.0,0.0,1.0,0,2020-08-06,1.0,2020-08-05,,,1.0,"Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-287'],"['cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15315,Zyxel,0.00199,5.9,0.0,0.0,1.0,0.0,0,2020-06-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-798'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15318,Zyxel,0.00199,5.9,0.0,0.0,1.0,0.0,0,2020-06-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-798'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15323,Zyxel,0.0032,9.8,0.0,0.0,1.0,0.0,0,2020-06-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15327,Zyxel,0.00119,7.5,0.0,0.0,1.0,0.0,0,2022-09-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15335,Zyxel,0.0009,7.5,0.0,0.0,1.0,0.0,0,2020-06-26,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15341,Zyxel,0.00362,7.5,0.0,0.0,1.0,0.0,0,2022-09-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-522'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15342,Zyxel,0.0014,5.3,0.0,0.0,1.0,0.0,0,2022-09-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-311'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15343,Zyxel,0.0014,5.3,0.0,0.0,1.0,0.0,0,2022-09-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-311'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-15346,Zyxel,0.00119,5.3,0.0,0.0,1.0,0.0,0,2022-09-29,0.0,,1.0,2020-03-13,,Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-311'],"['cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:zyxel:cloudcnm_secumanager:3.1.1:*:*:*:*:*:*:*']",0,0
CVE-2020-25014,Zyxel,0.00262,9.8,0.0,1.0,0.0,1.0,0,2020-11-27,1.0,2020-11-26,,,1.0,A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg2200-vpn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:zld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa1123-ac_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa1123-ac_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa1123-acv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wac5302d-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa5120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa5301-nj:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wac6550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wac6303d-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wac6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:wac6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:-:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch1:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch2:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch3:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch4:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch5:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch6:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:access_points_firmware:6.10:patch7:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nwa1302-ac:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3297,Zyxel,0.43532,7.8,0.0,1.0,0.0,1.0,0,2021-01-26,0.0,,1.0,2021-01-27,,"On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-287'],"['cpe:2.3:o:zyxel:nbg2105_firmware:v1.00\\(aagu.2\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nbg2105:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35027,Zyxel,0.00412,7.5,0.0,1.0,0.0,1.0,0,2021-09-29,1.0,2021-09-30,,,0.0,A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-22', 'CWE-27']","['cpe:2.3:o:zyxel:zywall_vpn2s_firmware:1.12\\(abln.0\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35028,Zyxel,0.00042,7.8,0.0,1.0,0.0,1.0,0,2021-09-29,1.0,2021-09-30,,,0.0,"A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:o:zyxel:zywall_vpn2s_firmware:1.12\\(abln.0\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35030,Zyxel,0.00042,4.3,0.0,1.0,0.0,1.0,0,2021-07-26,1.0,2022-09-01,,,0.0,"A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet.",CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,ADJACENT_NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.2,2.7,['CWE-79'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35036,Zyxel,0.00064,6.5,0.0,1.0,0.0,1.0,0,2022-03-01,1.0,2022-09-27,,,0.0,A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-312'],"['cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte3301-plus_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte3301-plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte5388-m804_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte5388-m804:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte5388-s905_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte5388-s905:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte5398-m904_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte5398-m904:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7240-m403_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7240-m403:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7461-m602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7461-m602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7480-m804_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7480-m804:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7480-s905_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7480-s905:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7485-s905_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7485-s905:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:lte7490-m804_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:lte7490-m804:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nr5101_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nr5101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nr7101_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nr7101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nr7102_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nr7102:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:central_america:*:*:*', 'cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:emea:*:*:*', 'cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-4039,Zyxel,0.09682,9.8,1.0,1.0,0.0,1.0,0,2022-03-01,1.0,2022-03-01,,,1.0,A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:zyxel:nwa1100-nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:nwa1100-nh_firmware:*:*:*:*:*:*:*:*']",1,0
CVE-2022-0556,Zyxel,0.00045,7.8,0.0,0.0,1.0,0.0,0,2022-04-11,1.0,2022-04-12,,,0.0,"A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-732', 'CWE-269']",['cpe:2.3:a:zyxel:zyxel_ap_configurator:1.1.4:*:*:*:*:*:*:*'],0,0
CVE-2022-0823,Zyxel,0.00058,6.2,0.0,1.0,0.0,1.0,0,2022-06-09,1.0,2022-06-07,,,1.0,An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack.,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.5,3.6,"['NVD-CWE-Other', 'CWE-203']","['cpe:2.3:o:zyxel:gs1200-5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1200-5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1200-5hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1200-5hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1200-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1200-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1200-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1200-8hp:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26413,Zyxel,0.00042,8.0,0.0,1.0,0.0,1.0,0,2022-04-11,1.0,2022-09-30,,,0.0,A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0 could allow a local authenticated attacker to execute arbitrary OS commands on a vulnerable device via a LAN interface.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*', 'cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*', 'cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*', 'cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*', 'cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26414,Zyxel,0.00042,5.5,0.0,1.0,0.0,1.0,0,2022-04-11,1.0,2022-09-30,,,0.0,"A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-120'],"['cpe:2.3:o:zyxel:vmg3312-t20a_firmware:5.30\\(abfx.5\\)c0:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3312-t20a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:america:*:*:*', 'cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:emea:*:*:*', 'cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:america:*:*:*', 'cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:emea:*:*:*', 'cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg5723-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg5723-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:emg6726-b10a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:emg6726-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg1312-t20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg1312-t20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-b60a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-b60a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg3927-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg3927-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg4927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg4927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b50b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b50b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-t50k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-t50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b60a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b60a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:vmg8825-b60b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8825-b60b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xmg3927-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xmg3927-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:xmg8825-b50a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:xmg8825-b50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:ep240p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:ep240p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pm7300-t0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pm7300-t0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5317-t20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5317-t20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5617-t20b2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5617-t20b2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:pmg5622ga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:pmg5622ga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:px7501-b0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:px7501-b0:-:*:*:*:*:*:*:*']",0,0
CVE-2022-34746,Zyxel,0.0011,5.9,0.0,1.0,0.0,1.0,0,2022-09-20,1.0,2022-09-20,,,1.0,An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-331'],"['cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*']",0,0
CVE-2022-34747,Zyxel,0.00492,9.8,0.0,1.0,0.0,1.0,0,2022-09-06,1.0,2022-09-06,,,1.0,A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized remote code execution via a crafted UDP packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-134'],"['cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*']",0,0
CVE-2016-10719,TP-Link,0.00085,6.1,0.0,1.0,0.0,1.0,1,2019-05-15,0.0,,0.0,,,"TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:tp-link:archer_cr700_firmware:1.0.6:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_cr700:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15291,TP-Link,0.00115,6.1,1.0,1.0,0.0,1.0,1,2017-10-20,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:tp-link:tl-mr3220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-mr3220:-:*:*:*:*:*:*:*']",1,0
CVE-2017-15613,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15616,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15618,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15622,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15628,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15634,TP-Link,0.00141,7.2,0.0,1.0,0.0,1.0,1,2018-01-11,1.0,2018-01-10,,,1.0,"TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17757,TP-Link,0.00229,8.8,0.0,1.0,0.0,1.0,1,2017-12-19,0.0,,0.0,,,"TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/wportal command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/wportal.lua in uhttpd.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tp-link:tl-wvr450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1200l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1200l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1200l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1200l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war2600l:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17758,TP-Link,0.00229,8.8,0.0,1.0,0.0,1.0,1,2017-12-19,0.0,,0.0,,,"TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/dhcps command to cgi-bin/luci, related to the zone_get_iface_bydev function in /usr/lib/lua/luci/controller/admin/dhcps.lua in uhttpd.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tp-link:tl-wvr450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1200l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1200l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr2600l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wvr4300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wvr4300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war450l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war450l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war458l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war458l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war900l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war900l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1200l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1200l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1300l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1300l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war1750l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war1750l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-war2600l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-war2600l:-:*:*:*:*:*:*:*']",0,0
CVE-2018-13134,TP-Link,0.00078,6.1,1.0,1.0,0.0,1.0,1,2018-07-04,0.0,,0.0,,,TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:tp-link:archer_c1200_firmware:1.13:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c1200:-:*:*:*:*:*:*:*']",1,0
CVE-2018-15172,TP-Link,0.00979,7.5,1.0,1.0,0.0,1.0,1,2018-08-15,0.0,,0.0,,,TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*']",1,0
CVE-2018-15700,TP-Link,0.00064,6.5,0.0,1.0,0.0,1.0,1,2018-10-01,0.0,,0.0,,,The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when an unauthenticated LAN user sends a crafted HTTP header containing an unexpected Referer field.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:o:tp-link:tl-wrn841n_firmware:0.9.1_4.16_v0348.0:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wrn841n:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15702,TP-Link,0.00097,8.8,0.0,1.0,0.0,1.0,1,2018-10-01,0.0,,0.0,,,The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient validation of the referer field.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:tp-link:tl-wrn841n_firmware:0.9.1_4.16_v0348.0:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wrn841n:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17007,TP-Link,0.00083,6.5,0.0,1.0,0.0,1.0,1,2018-09-13,0.0,,0.0,,,"An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_wds_2g ssid.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:tl-wr886n_firmware:6.0_2.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr886n_firmware:7.0_1.1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr886n:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17009,TP-Link,0.00083,6.5,0.0,1.0,0.0,1.0,1,2018-09-13,0.0,,0.0,,,"An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g isolate.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:tp-link:tl-wr886n_firmware:6.0_2.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr886n_firmware:7.0_1.1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr886n:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19537,TP-Link,0.01201,7.2,0.0,1.0,0.0,1.0,1,2018-11-26,0.0,,0.0,,,TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-434'],"['cpe:2.3:o:tp-link:archer_c5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20372,TP-Link,0.00105,5.4,0.0,0.0,0.0,1.0,1,2018-12-23,0.0,,0.0,,,TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:tp-link:td-w8961nd_firmware:1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:td-w8961nd:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19143,TP-Link,0.00505,6.1,1.0,1.0,0.0,1.0,1,2020-01-27,0.0,,0.0,,,TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,NONE,MEDIUM,0.9,5.2,['CWE-306'],"['cpe:2.3:o:tp-link:tl-wr849n_firmware:0.9.1_4.16:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr849n:-:*:*:*:*:*:*:*']",1,0
CVE-2019-6989,TP-Link,0.05451,8.8,1.0,1.0,0.0,1.0,1,2019-06-06,0.0,,0.0,,,"TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr940n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr941nd:-:*:*:*:*:*:*:*']",1,0
CVE-2020-10881,TP-Link,0.01615,9.8,0.0,1.0,0.0,1.0,1,2020-03-25,0.0,,0.0,,,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9660.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:tp-link:ac1750_firmware:190726:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:ac1750:-:*:*:*:*:*:*:*']",0,0
CVE-2020-24297,TP-Link,0.00681,8.8,0.0,1.0,0.0,1.0,1,2020-11-18,1.0,2020-11-18,,,1.0,httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wpa4220:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wpa4220:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wpa4220:v4:*:*:*:*:*:*:*']",0,0
CVE-2020-24363,TP-Link,0.00792,8.8,1.0,1.0,0.0,1.0,1,2020-08-31,1.0,2020-08-31,,,1.0,TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:tp-link:tl-wa855re_firmware:20200415:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wa855re:v5:*:*:*:*:*:*:*']",1,0
CVE-2020-28347,TP-Link,0.05606,9.8,0.0,1.0,0.0,1.0,1,2020-11-08,1.0,2020-11-30,,,0.0,tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:tp-link:ac1750:a7:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:ac1750_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-40288,TP-Link,0.00151,7.5,0.0,1.0,0.0,0.0,1,2021-12-07,0.0,,0.0,,,"A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-290'],"['cpe:2.3:h:tp-link:archer_ax10:v1:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:archer_ax10_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-4144,TP-Link,0.0011,8.8,0.0,1.0,0.0,0.0,1,2021-12-23,1.0,2021-12-23,,,1.0,"TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tp-link:tl-wr802n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr802n:v4:*:*:*:*:*:*:*']",0,0
CVE-2021-41450,TP-Link,0.00696,7.5,0.0,1.0,0.0,1.0,1,2021-12-08,0.0,,0.0,,,An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-444'],"['cpe:2.3:h:tp-link:archer_ax10_v1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:archer_ax10_v1_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-44622,TP-Link,0.00175,9.8,0.0,1.0,0.0,0.0,1,2022-03-10,0.0,,0.0,,,A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tp-link:tl-wr886n_firmware:20190826_2.3.8:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr886n:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44623,TP-Link,0.00158,9.8,0.0,1.0,0.0,0.0,1,2022-03-10,0.0,,0.0,,,A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tp-link:tl-wr886n_firmware:20190826_2.3.8:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr886n:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44626,TP-Link,0.00175,9.8,0.0,1.0,0.0,0.0,1,2022-03-10,0.0,,0.0,,,"A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tp-link:tl-wr886n_firmware:20190826_2.3.8:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr886n:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22922,TP-Link,0.00205,9.8,0.0,1.0,0.0,1.0,1,2022-02-18,1.0,2020-10-27,,,1.0,"TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-330'],"['cpe:2.3:o:tp-link:tl-wa850re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wa850re:6:*:*:*:*:*:*:*']",0,0
CVE-2022-26639,TP-Link,0.00092,7.2,0.0,1.0,0.0,1.0,1,2022-03-28,0.0,,0.0,,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-120'],"['cpe:2.3:h:tp-link:tl-wr840n:6.20:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1.4.16:*:*:*:*:*:*:*']",0,0
CVE-2022-26641,TP-Link,0.00092,7.2,0.0,1.0,0.0,1.0,1,2022-03-28,0.0,,0.0,,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-120'],"['cpe:2.3:h:tp-link:tl-wr840n:6.20:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1.4.16:*:*:*:*:*:*:*']",0,0
CVE-2022-26642,TP-Link,0.00092,7.2,0.0,1.0,0.0,1.0,1,2022-03-28,0.0,,0.0,,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-120'],"['cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1.4.16:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr840n:6.20:*:*:*:*:*:*:*']",0,0
CVE-2022-32058,TP-Link,0.00086,7.5,0.0,1.0,0.0,1.0,1,2022-07-07,0.0,,0.0,,,An infinite loop in the function httpRpmPass of TP-Link TL-WR741N/TL-WR742N V1/V2/V3_130415 allows attackers to cause a Denial of Service (DoS) via a crafted packet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-835'],"['cpe:2.3:o:tp-link:tl-wr741n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr741n:v1:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr741n:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr742n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr742n:v1:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr742n:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr741n_firmware:v3_130415:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr741n:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr742n_firmware:v3_130415:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr742n:v3:*:*:*:*:*:*:*']",0,0
CVE-2016-1000009,TP-Link,0.00133,7.5,0.0,0.0,1.0,0.0,0,2016-10-06,0.0,,0.0,,,"TP-LINK lost control of two domains, www.tplinklogin.net and tplinkextender.net. Please note that these domains are physically printed on many of the devices.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-254'],['cpe:2.3:a:tp-link:tp-link:-:*:*:*:*:*:*:*'],0,0
CVE-2018-10164,TP-Link,0.00086,5.4,0.0,0.0,1.0,0.0,0,2018-05-03,1.0,2018-04-16,,,1.0,Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the implementation of portalPictureUpload functionality. This is fixed in version 2.6.1_Windows.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:tp-link:eap_controller:2.5.4:*:*:*:*:windows:*:*', 'cpe:2.3:a:tp-link:eap_controller:2.6.0:*:*:*:*:windows:*:*']",0,0
CVE-2018-10165,TP-Link,0.00086,5.4,0.0,0.0,1.0,0.0,0,2018-05-03,1.0,2018-04-16,,,1.0,Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the userName parameter in the local user creation functionality. This is fixed in version 2.6.1_Windows.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:tp-link:eap_controller:2.5.4:*:*:*:*:windows:*:*', 'cpe:2.3:a:tp-link:eap_controller:2.6.0:*:*:*:*:windows:*:*']",0,0
CVE-2020-28877,TP-Link,0.00221,9.8,0.0,1.0,0.0,1.0,0,2020-11-20,0.0,,0.0,,,"Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tp-link:wdr7400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr7500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr7660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr7660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr7800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr7800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8640_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wdr8660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wdr8660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr880n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr880n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr886n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr886n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr890n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr890n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr890n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr890n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr882n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr882n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:wr708n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wr708n:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27246,TP-Link,0.00129,8.0,0.0,1.0,0.0,0.0,0,2021-04-14,1.0,2021-03-19,,,1.0,This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MAC addresses by the tdpServer endpoint. A crafted TCP message can write stack pointers to the stack. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-12306.,CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-121'],"['cpe:2.3:o:tp-link:ac1750_firmware:1.0.15:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:ac1750:a7:*:*:*:*:*:*:*']",0,0
CVE-2021-31658,TP-Link,0.00121,8.1,0.0,1.0,0.0,1.0,0,2021-06-10,0.0,,0.0,,,"TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the ""device description"" function only judges the length of the received data, and does not filter special characters. This vulnerability will cause the application to crash, and all device configuration information will be erased.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-129'],"['cpe:2.3:o:tp-link:tl-sg2005_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-sg2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-sg2008_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-sg2008:-:*:*:*:*:*:*:*']",0,0
CVE-2021-31659,TP-Link,0.00101,8.8,0.0,1.0,0.0,1.0,0,2021-06-10,0.0,,0.0,,,"TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:tp-link:tl-sg2005_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-sg2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-sg2008_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-sg2008:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3275,TP-Link,0.00536,6.1,0.0,1.0,0.0,1.0,0,2021-03-26,1.0,2021-10-20,,,0.0,"Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. Some of the pages including dhcp.htm, networkMap.htm, dhcpClient.htm, qsEdit.htm, and qsReview.htm and use this vulnerable hostname function (setDefaultHostname()) without sanitization.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:tp-link:td-w9977:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:td-w9977_firmware:v1_0.1.0_0.9.1_up_boot\\(161123\\)_2016-11-23_15.36.15:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wa801nd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wa801nd_firmware:v5_us_0.9.1_3.16_up_boot\\[170905-rel56404\\]:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wa801n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wa801n_firmware:v6_eu_0.9.1_3.16_up_boot\\[200116-rel61815\\]:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wr802n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wr802n_firmware:v4_us_0.9.1_3.17_up_boot\\[200421-rel38950\\]:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer-c3150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:archer-c3150_firmware:v2_170926:*:*:*:*:*:*:*']",0,0
CVE-2021-42232,TP-Link,0.00335,9.8,0.0,1.0,0.0,1.0,0,2022-08-23,0.0,,0.0,,,TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This will cause an attacker to execute arbitrary commands on the router.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:tp-link:archer_a7:v5:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:archer_a7_firmware:210519:*:*:*:*:*:*:*']",0,0
CVE-2021-44864,TP-Link,0.00069,6.5,0.0,1.0,0.0,1.0,0,2022-02-08,0.0,,0.0,,,TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-120'],"['cpe:2.3:o:tp-link:wn886n_firmware:1.0.1:build_150127_rel.34123n:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:wn886n:3.0:*:*:*:*:*:*:*']",0,0
CVE-2022-26987,TP-Link,0.00187,7.8,0.0,1.0,0.0,1.0,0,2022-05-10,0.0,,0.0,,,"TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*', 'cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*']",0,0
CVE-2022-26988,TP-Link,0.00187,7.8,0.0,1.0,0.0,1.0,0,2022-05-10,0.0,,0.0,,,"TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*', 'cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*']",0,0
CVE-2016-10761,Logitech,0.00047,6.5,0.0,1.0,0.0,1.0,1,2019-06-29,1.0,2016-02-24,,,1.0,"Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-74'],"['cpe:2.3:o:logitech:k400r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:k400r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:k360_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:k360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:k750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:k750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:k830_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:k830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_receiver_firmware:012.001.00019:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_receiver_firmware:012.003.00025:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_receiver:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6257,Logitech,0.00206,6.5,0.0,1.0,0.0,1.0,1,2016-08-02,0.0,,0.0,,,"The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a ""KeyJack injection attack.""",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-310'],"['cpe:2.3:o:amazonbasics:firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:usb_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km714_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km632_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lenovo:ultraslim_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_wireless_keyboard:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15720,Logitech,0.01201,9.8,0.0,1.0,0.0,1.0,1,2018-12-20,1.0,2018-11-12,,,1.0,Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:logitech:harmony_hub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:harmony_hub:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15721,Logitech,0.01201,9.8,0.0,1.0,0.0,1.0,1,2018-12-20,1.0,2018-11-12,,,1.0,The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:logitech:harmony_hub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:harmony_hub:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15722,Logitech,0.0012,8.1,0.0,1.0,0.0,1.0,1,2018-12-20,1.0,2018-11-12,,,1.0,The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-78'],"['cpe:2.3:o:logitech:harmony_hub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:harmony_hub:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15723,Logitech,0.02463,9.8,0.0,1.0,0.0,1.0,1,2018-12-20,1.0,2018-11-12,,,1.0,The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g. harmony.system?systeminfo).,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['NVD-CWE-noinfo', 'CWE-346']","['cpe:2.3:o:logitech:harmony_hub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:harmony_hub:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12506,Logitech,0.00302,8.8,0.0,1.0,0.0,1.0,1,2019-06-07,0.0,,0.0,,,"Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:logitech:r700_laser_presentation_remote_firmware:wd802xm:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:r700_laser_presentation_remote_firmware:wd904xm:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:r700_laser_presentation_remote:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13052,Logitech,0.00096,6.5,0.0,1.0,0.0,1.0,1,2019-06-29,0.0,,0.0,,,Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-327'],"['cpe:2.3:o:logitech:unifying_receiver_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_receiver:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13053,Logitech,0.00051,6.5,0.0,1.0,0.0,1.0,1,2019-06-29,0.0,,0.0,,,"Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a ""magic"" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:logitech:unifying_receiver_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_receiver:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13054,Logitech,0.00051,6.5,0.0,1.0,0.0,1.0,1,2019-06-29,0.0,,0.0,,,"The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-522'],"['cpe:2.3:o:logitech:r500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:r500:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13055,Logitech,0.00096,6.5,0.0,1.0,0.0,1.0,1,2019-06-29,0.0,,0.0,,,"Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:logitech:unifying_receiver_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_receiver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:k360_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:k360:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20635,Logitech,0.00074,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-307'],"['cpe:2.3:o:logitech:lan-wh450n\\/gr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-wh450n\\/gr:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20636,Logitech,0.00077,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:logitech:lan-w300n\\/pr5b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/pr5b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20637,Logitech,0.00184,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:logitech:lan-w300n\\/pr5b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/pr5b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20638,Logitech,0.00044,6.8,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:logitech:lan-w300n\\/pgrb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/pgrb:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20639,Logitech,0.00044,6.8,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:logitech:lan-w300n\\/pgrb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/pgrb:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20640,Logitech,0.00063,6.8,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-120'],"['cpe:2.3:o:logitech:lan-w300n\\/pgrb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/pgrb:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20641,Logitech,0.00077,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:logitech:lan-w300n\\/rs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/rs:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20642,Logitech,0.00184,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:logitech:lan-w300n\\/rs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:lan-w300n\\/rs:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15687,Logitech,0.00072,6.1,1.0,0.0,1.0,0.0,0,2017-10-23,0.0,,0.0,,,"DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:logitech:media_server:7.7.1:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.7.2:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.7.5:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.7.6:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:logitech:media_server:7.9.1:*:*:*:*:*:*:*']",1,0
CVE-2017-16567,Logitech,0.00111,5.4,1.0,0.0,1.0,0.0,0,2017-11-10,0.0,,0.0,,,"Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a ""favorite.""",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:logitech:media_server:7.9.0:*:*:*:*:*:*:*'],1,0
CVE-2017-16568,Logitech,0.00087,5.4,1.0,0.0,1.0,0.0,0,2017-11-10,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a radio URL.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:logitech:media_server:7.9.0:*:*:*:*:*:*:*'],1,0
CVE-2018-0620,Logitech,0.00059,7.8,0.0,0.0,1.0,0.0,0,2018-07-26,1.0,2018-07-06,,,1.0,Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:logitech:game_software:*:*:*:*:*:*:*:*'],0,0
CVE-2018-0621,Logitech,0.00059,7.8,0.0,0.0,1.0,0.0,0,2018-07-26,1.0,2018-07-06,,,1.0,Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:logitech:connection_utility_software:*:*:*:*:*:*:*:*'],0,0
CVE-2021-38547,Logitech,0.00522,5.9,0.0,1.0,0.0,1.0,0,2021-08-11,0.0,,0.0,,,"Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a ""Glowworm"" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a device's power indicator LED is correlative to the power consumption. The sound played by the speakers affects their power consumption and as a result is also correlative to the light intensity of the LEDs. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LEDs of the speakers, we can recover the sound played by them.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:logitech:z120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:z120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:s120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:s120:-:*:*:*:*:*:*:*']",0,0
CVE-2022-0915,Logitech,0.00044,7.0,0.0,0.0,1.0,0.0,0,2022-04-12,1.0,2023-03-15,,,0.0,There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-367'],['cpe:2.3:a:logitech:sync:*:*:*:*:*:windows:*:*'],0,0
CVE-2022-36263,Logitech,0.0006,7.3,0.0,0.0,1.0,0.0,0,2022-08-19,0.0,,0.0,,,StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['NVD-CWE-Other'],"['cpe:2.3:a:logitech:streamlabs_desktop:1.9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2016-10880,Google,0.00078,6.1,0.0,0.0,1.0,0.0,1,2019-08-14,1.0,2018-12-31,,,1.0,The google-document-embedder plugin before 2.6.1 for WordPress has XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:google_doc_embedder_project:google_doc_embedder:*:*:*:*:*:wordpress:*:*'],0,0
CVE-2016-10881,Google,0.00078,6.1,0.0,0.0,1.0,0.0,1,2019-08-14,1.0,2018-12-31,,,1.0,The google-document-embedder plugin before 2.6.2 for WordPress has XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:google_doc_embedder_project:google_doc_embedder:*:*:*:*:*:wordpress:*:*'],0,0
CVE-2016-10882,Google,0.00073,8.8,0.0,0.0,1.0,0.0,1,2019-08-14,1.0,2018-12-31,,,1.0,The google-document-embedder plugin before 2.6.2 for WordPress has CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],['cpe:2.3:a:google_doc_embedder_project:google_doc_embedder:*:*:*:*:*:wordpress:*:*'],0,0
CVE-2020-8927,Google,0.00954,6.5,0.0,0.0,1.0,0.0,1,2020-09-15,1.0,2020-09-30,,,0.0,"A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a ""one-shot"" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the ""streaming"" API as opposed to the ""one-shot"" API, and impose chunk size limits.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,LOW,MEDIUM,3.9,2.5,"['CWE-120', 'CWE-130']","['cpe:2.3:a:google:brotli:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*']",0,0
CVE-2022-2156,Google,0.0065,8.8,0.0,0.0,1.0,0.0,1,2022-07-28,1.0,2022-06-21,,,1.0,Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*']",0,0
CVE-2016-10403,Google,0.00774,8.8,0.0,0.0,1.0,0.0,0,2019-01-09,1.0,2016-05-25,,,1.0,Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-125'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2016-1659,Google,0.00571,9.8,0.0,0.0,1.0,0.0,0,2016-04-18,1.0,2016-04-13,,,1.0,Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*']",0,0
CVE-2016-1665,Google,0.00479,6.5,0.0,0.0,1.0,0.0,0,2016-05-14,1.0,2016-04-28,,,1.0,"The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*']",0,0
CVE-2016-1682,Google,0.00353,6.1,0.0,0.0,1.0,0.0,0,2016-06-05,1.0,2016-05-25,,,1.0,"The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-254'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*']",0,0
CVE-2016-5177,Google,0.02416,8.8,0.0,0.0,1.0,0.0,0,2017-05-23,1.0,2016-09-29,,,1.0,Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*']",0,0
CVE-2016-5220,Google,0.00418,6.5,0.0,0.0,1.0,0.0,0,2017-01-19,1.0,2016-12-01,,,1.0,"PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2016-7152,Google,0.00549,5.3,0.0,0.0,1.0,0.0,0,2016-09-06,1.0,2016-05-25,,,1.0,"The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a ""HEIST"" attack.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:a:opera:opera:-:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5023,Google,0.00785,4.3,0.0,0.0,1.0,0.0,0,2017-02-17,1.0,2017-01-25,,,1.0,"Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW,MEDIUM,2.8,1.4,['CWE-476'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2017-5030,Google,0.75547,8.8,0.0,0.0,1.0,0.0,0,2017-04-24,1.0,2017-03-09,,,1.0,"Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-125'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*']",0,0
CVE-2017-5045,Google,0.00337,6.1,0.0,0.0,1.0,0.0,0,2017-04-24,1.0,2017-03-09,,,1.0,"XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2017-5053,Google,0.41883,9.6,0.0,0.0,1.0,0.0,0,2017-10-27,1.0,2017-03-29,,,1.0,"An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-125'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*']",0,0
CVE-2017-5060,Google,0.00628,6.5,0.0,0.0,1.0,0.0,0,2017-10-27,1.0,2017-04-19,,,1.0,"Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-863'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*']",0,0
CVE-2017-5129,Google,0.01529,8.8,0.0,0.0,1.0,0.0,0,2018-02-07,1.0,2017-10-17,,,1.0,A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2018-17463,Google,0.97059,8.8,1.0,0.0,1.0,0.0,0,2018-11-14,1.0,2018-10-16,,,1.0,Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",1,1
CVE-2019-5736,Google,0.00427,8.6,1.0,0.0,1.0,0.0,0,2019-02-11,1.0,2019-02-11,,,1.0,"runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,HIGH,1.8,6.0,['CWE-78'],"['cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6:*:*:*:*:*:*', 'cpe:2.3:a:redhat:container_development_kit:3.7:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift:3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift:3.5:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:google:kubernetes_engine:-:*:*:*:*:*:*:*', 'cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hp:onesphere:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*', 'cpe:2.3:a:d2iq:kubernetes_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:d2iq:dc\\/os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*', 'cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*', 'cpe:2.3:a:microfocus:service_management_automation:2018.08:*:*:*:*:*:*:*', 'cpe:2.3:a:microfocus:service_management_automation:2018.11:*:*:*:*:*:*:*']",2,0
CVE-2019-5754,Google,0.00266,6.5,0.0,0.0,1.0,0.0,0,2019-02-19,1.0,2019-01-29,,,1.0,Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-327'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2019-5764,Google,0.0217,8.8,0.0,0.0,1.0,0.0,0,2019-02-19,1.0,2019-01-29,,,1.0,Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*']",0,0
CVE-2020-15213,Google,0.00124,4.0,0.0,0.0,1.0,0.0,0,2020-09-25,0.0,,0.0,,,"In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very large value to trigger a large allocation. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L,NETWORK,HIGH,NONE,NONE,CHANGED,NONE,NONE,LOW,MEDIUM,2.2,1.4,"['CWE-770', 'CWE-119']","['cpe:2.3:a:google:tensorflow:*:*:*:*:lite:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:lite:*:*:*']",0,0
CVE-2020-16022,Google,0.00118,8.8,0.0,0.0,1.0,0.0,0,2021-01-08,1.0,2020-11-17,,,1.0,Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:fuchsia:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-16024,Google,0.00241,9.6,0.0,0.0,1.0,0.0,0,2021-01-08,1.0,2020-11-17,,,1.0,Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-787'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*']",0,0
CVE-2020-16042,Google,0.0011,6.5,0.0,0.0,1.0,0.0,0,2021-01-08,1.0,2020-12-02,,,1.0,Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-908'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2020-35864,Google,0.00091,7.5,0.0,0.0,1.0,0.0,0,2020-12-31,1.0,2020-04-11,,,1.0,An issue was discovered in the flatbuffers crate through 2020-04-11 for Rust. read_scalar (and read_scalar_at) can transmute values without unsafe blocks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:google:flatbuffers:*:*:*:*:*:rust:*:*'],0,0
CVE-2020-7692,Google,0.00666,9.1,0.0,0.0,1.0,0.0,0,2020-07-09,1.0,2020-07-03,,,1.0,"PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-863'],['cpe:2.3:a:google:oauth_client_library_for_java:*:*:*:*:*:*:*:*'],0,0
CVE-2021-21107,Google,0.00587,9.6,0.0,0.0,1.0,0.0,0,2021-01-08,1.0,2021-01-06,,,1.0,Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-416'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*']",0,0
CVE-2021-21125,Google,0.00147,8.1,0.0,0.0,1.0,0.0,0,2021-02-09,1.0,2021-01-19,,,1.0,Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-59'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*']",0,0
CVE-2021-21136,Google,0.00275,6.5,0.0,0.0,1.0,0.0,0,2021-02-09,1.0,2021-01-19,,,1.0,Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-346'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*']",0,0
CVE-2021-29615,Google,0.00044,5.5,0.0,0.0,1.0,0.0,0,2021-05-14,0.0,,0.0,,,"TensorFlow is an end-to-end open source platform for machine learning. The implementation of `ParseAttrValue`(https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/framework/attr_value_util.cc#L397-L453) can be tricked into stack overflow due to recursion by giving in a specially crafted input. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-674'],"['cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30563,Google,0.00374,8.8,0.0,0.0,1.0,0.0,0,2021-08-03,1.0,2021-07-15,,,1.0,Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2021-37981,Google,0.0022,9.6,0.0,0.0,1.0,0.0,0,2021-11-02,1.0,2021-10-19,,,1.0,Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-787'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*']",0,0
CVE-2022-1142,Google,0.00224,8.8,0.0,0.0,1.0,0.0,0,2022-07-23,1.0,2022-03-29,,,1.0,Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*'],0,0
CVE-2022-2295,Google,0.00731,8.8,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-04,,,1.0,Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*']",0,0
CVE-2022-2617,Google,0.00126,8.8,0.0,0.0,1.0,0.0,0,2022-08-12,1.0,2022-08-02,,,1.0,Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-362'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*']",0,0
CVE-2022-29200,Google,0.00098,5.5,0.0,0.0,1.0,0.0,0,2022-05-20,0.0,,0.0,,,"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,"['CWE-1284', 'CWE-20']","['cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*']",0,0
CVE-2022-29206,Google,0.00099,5.5,0.0,0.0,1.0,0.0,0,2022-05-20,0.0,,0.0,,,"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*']",0,0
CVE-2022-41901,Google,0.00102,7.5,0.0,0.0,1.0,0.0,0,2022-11-18,0.0,,0.0,,,"TensorFlow is an open source platform for machine learning. An input `sparse_matrix` that is not a matrix with a shape with rank 0 will trigger a `CHECK` fail in `tf.raw_ops.SparseMatrixNNZ`. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-617', 'CWE-20']","['cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*', 'cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*']",0,0
CVE-2016-11050,Samsung Electronics,0.00042,4.3,0.0,1.0,0.0,1.0,1,2020-04-07,0.0,,0.0,,,"An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016).",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.7,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:s5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:s5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:note3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:note3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:s4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:s4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:note2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:note2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:s3:-:*:*:*:*:*:*:*']",0,0
CVE-2016-2567,Samsung Electronics,0.00042,3.3,0.0,1.0,0.0,1.0,1,2017-04-13,0.0,,0.0,,,"secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an ""exceptional URL"" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-20'],"['cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu2coh2:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_note_3_firmware:n9005xxugbob6:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_note_3:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4031,Samsung Electronics,0.00212,6.8,0.0,1.0,0.0,1.0,1,2017-04-13,0.0,,0.0,,,"Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-284'],"['cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu2coh2:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_note_3_firmware:n9005xxugbob6:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_note_3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s4_mini_firmware:i9192xxubnb1:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s4_mini_lte_firmware:i9195xxucol1:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4_mini_lte:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s4_firmware:i9505xxuhoj2:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7988,Samsung Electronics,0.00092,7.5,0.0,1.0,0.0,0.0,1,2016-10-31,0.0,,0.0,,,"On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-275'],"['cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14262,Samsung Electronics,0.00244,8.1,0.0,1.0,0.0,1.0,1,2017-09-11,0.0,,0.0,,,"On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-326'],"['cpe:2.3:o:samsung:srn_1670d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:srn_1670d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:srn_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:srn_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:srn_472s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:srn_472s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:srn_470d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:srn_470d:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16524,Samsung Electronics,0.50832,8.8,1.0,1.0,0.0,0.0,1,2017-11-06,0.0,,0.0,,,"Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-434'],"['cpe:2.3:a:hanwhasecurity:web_viewer:1.0.0.193:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:srn-1670d:-:*:*:*:*:*:*:*']",1,0
CVE-2017-18020,Samsung Electronics,0.00079,8.4,0.0,0.0,0.0,1.0,1,2018-01-04,0.0,,0.0,,,"On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.",CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.5,5.9,['CWE-20'],"['cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:5.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*']",0,0
CVE-2017-18681,Samsung Electronics,0.00194,9.8,0.0,0.0,0.0,1.0,1,2020-04-07,0.0,,0.0,,,An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:samsung:galaxy_s5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10501,Samsung Electronics,0.00046,7.0,0.0,0.0,1.0,0.0,1,2018-09-24,1.0,2018-06-07,,,1.0,This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358.,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-22'],['cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*'],0,0
CVE-2018-3893,Samsung Electronics,0.00101,8.8,0.0,1.0,0.0,1.0,1,2018-08-27,1.0,2018-07-17,,,1.0,"An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3902,Samsung Electronics,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-23,1.0,2018-07-17,,,1.0,"An exploitable buffer overflow vulnerability exists in the camera ""replace"" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-787'],"['cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3907,Samsung Electronics,0.00104,8.6,0.0,1.0,0.0,1.0,1,2018-08-24,1.0,2018-07-17,,,1.0,"An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.8,['CWE-444'],"['cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3914,Samsung Electronics,0.00051,7.8,0.0,1.0,0.0,1.0,1,2018-09-21,1.0,2018-07-17,,,1.0,"An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker can send an arbitrarily long ""sessionToken"" value in order to exploit this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3926,Samsung Electronics,0.00042,5.5,0.0,1.0,0.0,1.0,1,2018-08-28,1.0,2018-07-17,,,1.0,"An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-191'],"['cpe:2.3:o:samsung:sth-eth-250_firmware:0.20.17:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:sth-eth-250:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5210,Samsung Electronics,0.00185,8.1,0.0,0.0,0.0,1.0,1,2018-01-04,0.0,,0.0,,,"On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-787'],"['cpe:2.3:o:samsung:samsung_mobile:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:7.1.2:*:*:*:*:*:*:*']",0,0
CVE-2019-12087,Samsung Electronics,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-05-14,0.0,,0.0,,,"Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions ""the Samsung Security Team considered this issue as no/little security impact.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-399'],"['cpe:2.3:o:samsung:s9\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:s9\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:s10_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:s10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:xcover_4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:xcover_4:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15439,Samsung Electronics,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:galaxy_xcover4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_xcover4:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15441,Samsung Electronics,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:on_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:on_7:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15444,Samsung Electronics,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:galaxy_s7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15450,Samsung Electronics,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:galaxy_j3_pop_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_j3_pop:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15463,Samsung Electronics,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:galaxy_j7_prime_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_j7_prime:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16400,Samsung Electronics,0.00056,6.5,0.0,1.0,0.0,1.0,1,2019-11-06,0.0,,0.0,,,"Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:samsung:galaxy_s8_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s8_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_note_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_note_2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16401,Samsung Electronics,0.00082,6.5,0.0,1.0,0.0,1.0,1,2019-11-06,0.0,,0.0,,,"Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:samsung:galaxy_s8_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s8_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_note_2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_note_2_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7418,Samsung Electronics,0.00125,6.1,0.0,1.0,1.0,1.0,1,2019-03-21,1.0,2019-01-24,,,1.0,"XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in ""/sws/swsAlert.sws"" in multiple parameters: flag, frame, func, and Nfunc.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:samsung:syncthru_web_service:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:x7400gx_firmware:6.a6.25:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:x7400gx:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7420,Samsung Electronics,0.00125,6.1,0.0,1.0,1.0,1.0,1,2019-03-21,1.0,2019-01-24,,,1.0,"XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in ""/sws.application/information/networkinformationView.sws"" in the tabName parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:samsung:syncthru_web_service:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:x7400gx_firmware:6.a6.25:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:x7400gx:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25054,Samsung Electronics,0.00194,9.1,0.0,1.0,0.0,0.0,1,2020-08-31,0.0,,0.0,,,An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],['cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*'],0,0
CVE-2020-8860,Samsung Electronics,0.00091,8.0,0.0,1.0,0.0,0.0,1,2020-02-22,1.0,2020-02-20,,,1.0,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the Call Control Setup messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the baseband processor. Was ZDI-CAN-9658.",CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s10:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25367,Samsung Electronics,0.0005,5.4,0.0,0.0,1.0,0.0,1,2021-03-25,0.0,,0.0,,,Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.5,['CWE-22'],['cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*'],0,0
CVE-2021-25421,Samsung Electronics,0.00042,5.5,0.0,0.0,1.0,0.0,1,2021-06-11,1.0,2021-06-30,,,0.0,Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['CWE-532', 'CWE-779']",['cpe:2.3:a:samsung:galaxy_watch_3_plugin:*:*:*:*:*:android:*:*'],0,0
CVE-2021-25479,Samsung Electronics,0.00086,7.2,0.0,1.0,0.0,0.0,1,2021-10-06,1.0,2021-10-31,,,0.0,A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-787', 'CWE-122']","['cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*']",0,0
CVE-2021-25496,Samsung Electronics,0.00042,7.8,0.0,0.0,1.0,0.0,1,2021-10-06,1.0,2021-10-31,,,0.0,A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],['cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*'],0,0
CVE-2022-25827,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,1,2022-03-10,1.0,2022-03-31,,,0.0,Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['CWE-532', 'CWE-200']",['cpe:2.3:a:samsung:galaxy_watch_plugin:*:*:*:*:*:android:*:*'],0,0
CVE-2022-30737,Samsung Electronics,0.00064,5.3,0.0,0.0,1.0,0.0,1,2022-06-07,1.0,2022-01-31,,,1.0,Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['NVD-CWE-noinfo', 'CWE-200']",['cpe:2.3:a:samsung:account:*:*:*:*:*:*:*:*'],0,0
CVE-2022-39901,Samsung Electronics,0.00082,6.5,0.0,1.0,0.0,0.0,1,2022-12-08,1.0,2022-12-31,,,0.0,Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-287'],"['cpe:2.3:o:samsung:exynos_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*']",0,0
CVE-2022-39915,Samsung Electronics,0.00042,5.5,0.0,0.0,1.0,0.0,1,2022-12-08,1.0,2022-12-31,,,0.0,"Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*']",0,0
CVE-2016-6527,Samsung Electronics,0.00092,7.8,0.0,0.0,0.0,1.0,0,2017-01-18,1.0,2016-08-05,,,1.0,The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-264'],"['cpe:2.3:o:samsung:samsung_mobile:5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:samsung_mobile:6.0:*:*:*:*:*:*:*']",0,0
CVE-2017-17859,Samsung Electronics,0.00183,6.1,0.0,0.0,1.0,0.0,0,2017-12-27,0.0,,0.0,,,"Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML file does not have a document.domain value corresponding to the domain that is hosting the MHTML file, but instead has a document.domain value corresponding to an arbitrary URL within the content of the MHTML file.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:samsung:internet_browser:6.2.01.12:*:*:*:*:*:*:*'],0,0
CVE-2018-10496,Samsung Electronics,0.02236,8.8,0.0,0.0,1.0,0.0,0,2018-09-24,1.0,2018-06-07,,,1.0,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5326.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-20', 'CWE-416']",['cpe:2.3:a:samsung:samsung_internet_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2018-10502,Samsung Electronics,0.00045,7.8,0.0,0.0,1.0,0.0,0,2018-09-24,1.0,2018-06-07,,,1.0,This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-20', 'CWE-269']",['cpe:2.3:a:samsung:galaxy_apps:*:*:*:*:*:*:*:*'],0,0
CVE-2018-21054,Samsung Electronics,0.00119,9.8,0.0,1.0,0.0,0.0,0,2020-04-08,0.0,,0.0,,,"An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-190'],"['cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm9830:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_5420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7715:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7731:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8939:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:m6737t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:sdm6xx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*']",0,0
CVE-2019-16253,Samsung Electronics,0.00042,7.8,0.0,0.0,1.0,0.0,0,2019-09-25,1.0,2019-09-25,,,1.0,"The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:samsung:text-to-speech:*:*:*:*:*:android:*:*', 'cpe:2.3:a:samsung:text-to-speech:*:*:*:*:*:android:*:*']",0,0
CVE-2019-19273,Samsung Electronics,0.00051,7.8,0.0,1.0,0.0,0.0,0,2020-02-04,1.0,2020-01-31,,,1.0,"On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_note8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s8_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_8895:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20596,Samsung Electronics,0.00099,9.1,0.0,1.0,0.0,0.0,0,2020-03-24,0.0,,0.0,,,An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June 2019).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*']",0,0
CVE-2020-10841,Samsung Electronics,0.00044,7.8,0.0,1.0,0.0,0.0,0,2020-03-24,0.0,,0.0,,,An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 (February 2020).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10848,Samsung Electronics,0.00106,9.8,0.0,1.0,0.0,0.0,0,2020-03-24,0.0,,0.0,,,"An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15582,Samsung Electronics,0.00049,5.5,0.0,1.0,0.0,0.0,0,2020-07-07,0.0,,0.0,,,An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. The Bluetooth Low Energy (BLE) component has a buffer overflow with a resultant deadlock or crash. The Samsung ID is SVE-2020-16870 (July 2020).,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-119'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_7885:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25056,Samsung Electronics,0.00066,7.5,0.0,1.0,0.0,0.0,0,2020-08-31,0.0,,0.0,,,"An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-754'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s20:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22684,Samsung Electronics,0.00304,7.5,0.0,0.0,0.0,1.0,0,2021-08-31,1.0,2022-04-19,,,0.0,"Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-190'],['cpe:2.3:o:samsung:tizenrt:*:*:*:*:*:*:*:*'],0,0
CVE-2021-25401,Samsung Electronics,0.00042,7.8,0.0,0.0,1.0,0.0,0,2021-06-11,1.0,2021-05-30,,,1.0,Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-Other', 'CWE-20']",['cpe:2.3:a:samsung:health:*:*:*:*:*:*:*:*'],0,0
CVE-2021-25419,Samsung Electronics,0.00094,6.5,0.0,0.0,1.0,0.0,0,2021-06-11,1.0,2021-06-30,,,0.0,Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,"['NVD-CWE-noinfo', 'CWE-703']",['cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:*'],0,0
CVE-2021-25438,Samsung Electronics,0.00042,7.8,0.0,0.0,1.0,0.0,0,2021-07-08,1.0,2021-07-31,,,0.0,"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:samsung:members:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:members:3.9.10.11:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25439,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,0,2021-07-08,1.0,2021-07-31,,,0.0,"Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:samsung:members:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:members:3.9.10.11:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25445,Samsung Electronics,0.00102,5.3,0.0,0.0,1.0,0.0,0,2021-08-05,1.0,2021-08-30,,,0.0,Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-287'],['cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:*'],0,0
CVE-2021-25446,Samsung Electronics,0.00104,5.3,0.0,1.0,0.0,1.0,0,2021-08-05,1.0,2021-08-30,,,0.0,Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:h:samsung:smartthings:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:smartthings_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25468,Samsung Electronics,0.00044,4.4,0.0,1.0,0.0,0.0,0,2021-10-06,1.0,2021-10-31,,,0.0,A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.8,3.6,"['NVD-CWE-noinfo', 'CWE-20']","['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*']",0,0
CVE-2021-25491,Samsung Electronics,0.00044,4.4,0.0,1.0,0.0,0.0,0,2021-10-06,1.0,2021-10-31,,,0.0,A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['CWE-476'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*']",0,0
CVE-2021-39373,Samsung Electronics,0.00042,7.8,0.0,1.0,1.0,0.0,0,2021-09-01,0.0,,0.0,,,"Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-522'],"['cpe:2.3:a:samsung:drive_manager:2.0.104:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:h3:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22283,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,0,2022-01-10,1.0,2022-01-31,,,0.0,Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['CWE-613', 'CWE-287']",['cpe:2.3:a:samsung:health:*:*:*:*:*:*:*:*'],0,0
CVE-2022-27834,Samsung Electronics,0.00044,7.0,0.0,1.0,0.0,0.0,0,2022-04-11,1.0,2022-04-30,,,0.0,Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,"['CWE-416', 'CWE-367']","['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_9830:-:*:*:*:*:*:*:*']",0,0
CVE-2022-27842,Samsung Electronics,0.00058,7.8,0.0,0.0,1.0,0.0,0,2022-04-11,1.0,2022-04-30,,,0.0,DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-427', 'CWE-20']",['cpe:2.3:a:samsung:smart_switch_pc:*:*:*:*:*:*:*:*'],0,0
CVE-2022-30732,Samsung Electronics,0.00103,7.5,0.0,0.0,1.0,0.0,0,2022-06-07,1.0,2022-06-30,,,0.0,Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-668', 'CWE-200']",['cpe:2.3:a:samsung:account:*:*:*:*:*:*:*:*'],0,0
CVE-2022-30735,Samsung Electronics,0.00103,7.5,0.0,0.0,1.0,0.0,0,2022-06-07,1.0,2022-01-31,,,1.0,Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-269', 'CWE-200']",['cpe:2.3:a:samsung:account:*:*:*:*:*:*:*:*'],0,0
CVE-2022-36835,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,0,2022-08-05,1.0,2022-08-30,,,0.0,Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['NVD-CWE-noinfo', 'CWE-200']",['cpe:2.3:a:samsung:samsung_internet_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2022-36851,Samsung Electronics,0.00057,4.6,0.0,0.0,1.0,0.0,0,2022-09-09,1.0,2022-09-30,,,0.0,Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:samsung:samsung_pass:*:*:*:*:*:android:*:*'],0,0
CVE-2022-36865,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,0,2022-09-09,1.0,2022-09-30,,,0.0,"Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:samsung:group_sharing:*:*:*:*:*:android:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:group_sharing:*:*:*:*:*:android:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*']",0,0
CVE-2022-36869,Samsung Electronics,0.00042,6.1,0.0,0.0,1.0,0.0,0,2022-09-09,1.0,2022-09-30,,,0.0,Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,LOW,NONE,MEDIUM,1.8,4.2,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:samsung:contacts_provider:*:*:*:*:*:android:*:*'],0,0
CVE-2022-36871,Samsung Electronics,0.00042,6.5,0.0,0.0,1.0,0.0,0,2022-09-09,1.0,2022-09-30,,,0.0,Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE,MEDIUM,2.0,4.0,"['NVD-CWE-noinfo', 'CWE-285']","['cpe:2.3:a:samsung:samsung_pay:*:*:*:*:*:android:*:*', 'cpe:2.3:a:samsung:samsung_pay_kr:*:*:*:*:*:android:*:*']",0,0
CVE-2022-39889,Samsung Electronics,0.00042,3.3,0.0,0.0,1.0,0.0,0,2022-11-09,1.0,2022-11-30,,,0.0,Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:samsung:galaxywatch4plugin:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samsung:galaxywatch4plugin:2.2.11.22102751:*:*:*:*:*:*:*']",0,0
CVE-2022-39911,Samsung Electronics,0.00058,6.8,0.0,0.0,1.0,0.0,0,2022-12-08,1.0,2022-12-31,,,0.0,Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['NVD-CWE-Other', 'CWE-703']",['cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*'],0,0
CVE-2022-40278,Samsung Electronics,0.0031,7.5,0.0,0.0,0.0,1.0,0,2022-09-29,0.0,,0.0,,,"An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-416'],"['cpe:2.3:o:samsung:tizenrt:1.0:m1:*:*:*:*:*:*', 'cpe:2.3:o:samsung:tizenrt:1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:tizenrt:2.0:gbm_m1:*:*:*:*:*:*', 'cpe:2.3:o:samsung:tizenrt:2.0:m2:*:*:*:*:*:*', 'cpe:2.3:o:samsung:tizenrt:3.0:gbm:*:*:*:*:*:*', 'cpe:2.3:o:samsung:tizenrt:3.1:pre:*:*:*:*:*:*']",0,0
CVE-2016-1134,Buffalo,0.0009,8.8,0.0,1.0,0.0,1.0,1,2016-01-22,0.0,,1.0,2016-01-22,,"Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to hijack the authentication of arbitrary users.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:h:buffalotech:whr-1166dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:whr-1166dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:whr-300hp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:whr-300hp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:wmr-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:wmr-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:bhr-4grv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:bhr-4grv2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:wex-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:wex-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:whr-600d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:whr-600d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:wmr-433:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:wmr-433_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:wsr-1166dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalotech:wsr-1166dhp_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-4815,Buffalo,0.00377,7.5,0.0,1.0,0.0,1.0,1,2016-06-19,1.0,2016-05-27,,,1.0,Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-s900dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-s600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-600dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp2_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-4816,Buffalo,0.00268,6.5,0.0,1.0,0.0,1.0,1,2016-06-19,1.0,2016-05-27,,,1.0,BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:h:buffalo:wzr-600dhp3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wcr-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wcr-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wxr-1750dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wxr-1750dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp_firmware:1.97:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1750dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-1750dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-s1750dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-s1750dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-s600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-s600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wapm-ag300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wapm-ag300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-s900dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-s900dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1166dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-1166dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wapm-apg300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wapm-apg300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-900dhp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wxr-1900dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wxr-1900dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-900dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-900dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1166dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-1166dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-7821,Buffalo,0.00304,6.5,0.0,1.0,0.0,1.0,1,2017-06-09,1.0,2017-04-21,,,1.0,Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:o:buffalotech:wnc01wh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalotech:wnc01wh:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10811,Buffalo,0.00044,6.8,0.0,1.0,0.0,1.0,1,2017-08-18,1.0,2017-08-04,,,1.0,Buffalo WCR-1166DS devices with firmware 1.30 and earlier allow an attacker to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:buffalo:wcr-1166ds_firmware:1.30:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wcr-1166ds:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10896,Buffalo,0.00076,6.1,0.0,1.0,0.0,1.0,1,2017-12-08,1.0,2017-12-01,,,1.0,Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:buffalo:bbr-4mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bbr-4mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4hg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4hg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bbr-4hg:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10897,Buffalo,0.00044,4.5,0.0,1.0,0.0,1.0,1,2017-12-08,1.0,2017-12-01,,,1.0,Input validation issue in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to cause the device to become unresponsive via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.9,3.6,['CWE-20'],"['cpe:2.3:o:buffalo:bbr-4mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bbr-4mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4hg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:bbr-4hg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bbr-4hg:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2126,Buffalo,0.00375,9.8,0.0,1.0,0.0,1.0,1,2017-07-22,1.0,2017-07-18,,,1.0,"WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:buffalo:wapm-1166d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wapm-1166d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wapm-apg600h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wapm-apg600h_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-2152,Buffalo,0.00044,6.8,0.0,0.0,0.0,1.0,1,2017-04-28,0.0,,1.0,2017-04-21,,WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:buffalo_inc:wnc01wh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo_inc:wnc01wh:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2273,Buffalo,0.00075,8.8,0.0,1.0,0.0,1.0,1,2017-07-22,1.0,2017-06-06,,,1.0,"Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:h:buffalo:wmr-433:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wmr-433_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wmr-433w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wmr-433w_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-2274,Buffalo,0.00098,6.1,0.0,1.0,0.0,1.0,1,2017-07-22,1.0,2017-06-06,,,1.0,"Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:buffalo:wmr-433_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wmr-433:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wmr-433w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wmr-433w:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0521,Buffalo,0.00098,8.8,0.0,1.0,0.0,1.0,1,2018-03-09,1.0,2018-02-23,,,1.0,Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0522,Buffalo,0.00175,7.8,0.0,1.0,0.0,1.0,1,2018-03-09,1.0,2018-02-23,,,1.0,Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0523,Buffalo,0.00078,8.8,0.0,1.0,0.0,1.0,1,2018-03-09,1.0,2018-02-23,,,1.0,Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:buffalo:wxr-1900dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wxr-1900dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0554,Buffalo,0.00098,8.8,0.0,1.0,0.0,1.0,1,2018-04-09,1.0,2018-03-28,,,1.0,Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0555,Buffalo,0.00162,7.8,0.0,1.0,0.0,1.0,1,2018-04-09,1.0,2018-03-28,,,1.0,Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0556,Buffalo,0.00078,8.8,0.0,1.0,0.0,1.0,1,2018-04-09,1.0,2018-03-28,,,1.0,Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:buffalo:wzr-1750dhp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-1750dhp2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-13318,Buffalo,0.00337,7.2,0.0,1.0,0.0,1.0,1,2018-11-26,0.0,,0.0,,,"System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the ""name"" parameter.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:h:buffalo:ts5600d1206:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:ts5600d1206_firmware:3.61-0.10:*:*:*:*:*:*:*']",0,0
CVE-2018-13319,Buffalo,0.00453,7.5,0.0,1.0,0.0,1.0,1,2018-11-26,0.0,,0.0,,,Incorrect access control in get_portal_info in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to determine sensitive device information via an unauthenticated POST request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:buffalo:ts5600d1206_firmware:3.61-0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:ts5600d1206:-:*:*:*:*:*:*:*']",0,0
CVE-2018-13320,Buffalo,0.00337,7.2,0.0,1.0,0.0,1.0,1,2018-11-26,0.0,,0.0,,,System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:buffalo:ts5600d1206_firmware:3.61-0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:ts5600d1206:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20090,Buffalo,0.97135,9.8,0.0,1.0,0.0,1.0,1,2021-04-29,0.0,,1.0,2021-07-20,,A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 could allow unauthenticated remote attackers to bypass authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],"['cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20091,Buffalo,0.00928,8.8,0.0,1.0,0.0,1.0,1,2021-04-29,0.0,,1.0,2021-07-20,,"The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-20092,Buffalo,0.01521,7.5,0.0,1.0,0.0,1.0,1,2021-04-29,0.0,,1.0,2021-07-20,,The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-2533dhpl2-bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-2533dhp3-bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-2533dhp3-bk:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20730,Buffalo,0.00063,4.3,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-08-17,,,0.0,Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allows an attacker to obtain configuration information via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['NVD-CWE-Other'],"['cpe:2.3:h:buffalo:wsr-1166dhp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-1166dhp4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-1166dhp3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-1166dhp3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-20731,Buffalo,0.00068,8.8,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-08-17,,,0.0,WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an attacker to execute arbitrary OS commands with root privileges via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:buffalo:wsr-1166dhp4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-1166dhp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wsr-1166dhp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wsr-1166dhp3:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5605,Buffalo,0.00089,4.3,0.0,1.0,0.0,1.0,0,2020-09-18,0.0,,1.0,2020-09-11,,Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['CWE-22'],"['cpe:2.3:h:buffalo:airstation_whr-g54s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:airstation_whr-g54s_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5606,Buffalo,0.00124,6.1,0.0,1.0,0.0,1.0,0,2020-09-18,0.0,,1.0,2020-09-11,,Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:buffalo:airstation_whr-g54s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:airstation_whr-g54s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3511,Buffalo,0.00102,4.3,0.0,1.0,0.0,1.0,0,2021-04-28,1.0,2021-04-27,,,1.0,"Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to obtain information such as configuration via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['NVD-CWE-Other'],"['cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3512,Buffalo,0.00099,8.8,0.0,1.0,0.0,1.0,0,2021-04-28,1.0,2021-04-27,,,1.0,"Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.99 and prior, WHR-300HP firmware Ver.1.99 and prior, WHR-300 firmware Ver.1.99 and prior, WHR-G301N firmware Ver.1.86 and prior, WHR-HP-G300N firmware Ver.1.99 and prior, WHR-HP-GN firmware Ver.1.86 and prior, WPL-05G300 firmware Ver.1.87 and prior, WZR-450HP-CWT firmware Ver.1.99 and prior, WZR-450HP-UB firmware Ver.1.99 and prior, WZR-HP-AG300H firmware Ver.1.75 and prior, WZR-HP-G300NH firmware Ver.1.83 and prior, WZR-HP-G301NH firmware Ver.1.83 and prior, WZR-HP-G302H firmware Ver.1.85 and prior, WZR-HP-G450H firmware Ver.1.89 and prior, WZR-300HP firmware Ver.1.99 and prior, WZR-450HP firmware Ver.1.99 and prior, WZR-600DHP firmware Ver.1.99 and prior, WZR-D1100H firmware Ver.1.99 and prior, FS-HP-G300N firmware Ver.3.32 and prior, FS-600DHP firmware Ver.3.38 and prior, FS-R600DHP firmware Ver.3.39 and prior, and FS-G300N firmware Ver.3.13 and prior) allows remote unauthenticated attackers to bypass access restriction and to start telnet service and execute arbitrary OS commands with root privileges via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:buffalo:bhr-4grv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:bhr-4grv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:dwr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:dwr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:hw-450hp-zwe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:hw-450hp-zwe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-g301n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-g301n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-hp-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-hp-g300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:whr-hp-gn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:whr-hp-gn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wpl-05g300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wpl-05g300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-cwt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-cwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp-ub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp-ub:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-ag300h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-ag300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g300nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g300nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g301nh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g301nh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g302h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g302h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-hp-g450h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-hp-g450h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-300hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-300hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-450hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-450hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:wzr-d1100h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:wzr-d1100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-hp-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-hp-g300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-r600dhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-r600dhp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:buffalo:fs-g300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:buffalo:fs-g300n:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1175,Sharp,0.00145,4.3,0.0,1.0,0.0,1.0,1,2016-04-05,1.0,2016-04-04,,,1.0,Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE,MEDIUM,2.8,1.4,['CWE-352'],"['cpe:2.3:h:sharp:aquos_hn-pp150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_hn-pp150_firmware:1.02.00.04:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_hn-pp150_firmware:1.03.01.04:*:*:*:*:*:*:*']",0,0
CVE-2017-10890,Sharp,0.00051,4.6,0.0,1.0,0.0,0.0,1,2017-11-17,1.0,2017-11-16,,,1.0,"Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.1,2.5,['CWE-384'],"['cpe:2.3:o:sharp:rx-v200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:rx-v200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:rx-v100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:rx-v100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:rx-clv1-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:rx-clv1-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:rx-clv2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:rx-clv2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:rx-clv3-n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:rx-clv3-n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12762,Sharp,0.00044,4.2,0.0,1.0,0.0,1.0,1,2019-06-06,0.0,,0.0,,,"Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.",CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.5,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:nexus_9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_zeta_sh-04f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_zeta_sh-04f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3929,Sharp,0.97362,9.8,1.0,1.0,0.0,1.0,1,2019-04-30,0.0,,0.0,,,"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-79']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*']",2,1
CVE-2019-3930,Sharp,0.01699,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,0.0,,,"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1176,Sharp,0.00319,6.3,0.0,0.0,1.0,0.0,0,2016-04-05,1.0,2016-04-04,,,1.0,Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,2.8,3.4,['CWE-119'],['cpe:2.3:a:sharp:eva_animator:-:*:*:*:*:*:*:*'],0,0
CVE-2017-2189,Sharp,0.00078,7.8,0.0,0.0,1.0,0.0,0,2017-06-09,1.0,2017-08-23,,,0.0,Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sharp:rw-4040:2.27:*:*:*:*:windows_7:*:*'],0,0
CVE-2017-2190,Sharp,0.00099,7.8,0.0,0.0,1.0,0.0,0,2017-06-09,1.0,2017-08-23,,,0.0,Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sharp:rw-4040:1.2.0.0:*:*:*:*:windows_7:*:*'],0,0
CVE-2017-2191,Sharp,0.00066,7.8,0.0,0.0,1.0,0.0,0,2017-06-09,1.0,2017-06-01,,,1.0,Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 version 1.0.1.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],"['cpe:2.3:a:sharp:rw-5100_driver_installer_for_windows_7:1.0.0.9:*:*:*:*:*:*:*', 'cpe:2.3:a:sharp:rw-5100_driver_installer_for_windows_8.1:1.0.1.0:*:*:*:*:*:*:*']",0,0
CVE-2017-2192,Sharp,0.00099,7.8,0.0,0.0,1.0,0.0,0,2017-06-09,1.0,2017-08-23,,,0.0,Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],"['cpe:2.3:a:sharp:rw-5100:1.1.0.0:*:*:*:*:windows_7:*:*', 'cpe:2.3:a:sharp:rw-5100:1.2.0.0:*:*:*:*:windows_8.1:*:*']",0,0
CVE-2020-5571,Sharp,0.00149,7.5,0.0,1.0,0.0,1.0,0,2020-04-23,1.0,2020-04-23,,,1.0,"SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier) allow an attacker to obtain the sensitive information of the device via malicious applications installed on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:h:sharp:aquos_sh-m02:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sh-m02_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sh-rm02:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sh-rm02_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_mini_sh-m03:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_mini_sh-m03_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_mini_sh-m03:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_mini_sh-m03_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_l2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_l2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sense_lite_sh-m05:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sense_lite_sh-m05_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sense:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sense_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_compact_sh-m06:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_compact_sh-m06_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sense_plus_sh-m07_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sense_plus_sh-m07:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sense2_sh-m08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sense2_sh-m08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_sense2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_sense2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20698,Sharp,0.00222,9.8,0.0,1.0,0.0,1.0,0,2021-06-07,1.0,,,,0.0,"Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker to obtain root privileges and execute remote code by sending unintended parameters that contain specific characters in http request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:sharp-nec-displays:un462a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un462a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un462va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un462va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un492s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un492s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un492vs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un492vs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552vs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552vs:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:ux552s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:ux552s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:ux552:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:ux552_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v864q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v864q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c861q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c861q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p754q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p754q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v754q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v754q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c751q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c751q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v984q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v984q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c981q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c981q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p654q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p654q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v654q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v654q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c651q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c651q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p484_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p484:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p554_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p554:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v484_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v484:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v404-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v404-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v484-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v484-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c551_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c551:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c431:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20699,Sharp,0.00315,9.8,0.0,1.0,0.0,1.0,0,2021-06-07,1.0,,,,0.0,"Sharp NEC Displays ((UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 R1.300 and prior to it, UN552V R1.300 and prior to it, UX552S R1.300 and prior to it, UX552 R1.300 and prior to it, V864Q R2.000 and prior to it, C861Q R2.000 and prior to it, P754Q R2.000 and prior to it, V754Q R2.000 and prior to it, C751Q R2.000 and prior to it, V984Q R2.000 and prior to it, C981Q R2.000 and prior to it, P654Q R2.000 and prior to it, V654Q R2.000 and prior to it, C651Q R2.000 and prior to it, V554Q R2.000 and prior to it, P404 R3.200 and prior to it, P484 R3.200 and prior to it, P554 R3.200 and prior to it, V404 R3.200 and prior to it, V484 R3.200 and prior to it, V554 R3.200 and prior to it, V404-T R3.200 and prior to it, V484-T R3.200 and prior to it, V554-T R3.200 and prior to it, C501 R2.000 and prior to it, C551 R2.000 and prior to it, C431 R2.000 and prior to it) allows an attacker a buffer overflow and to execute remote code by sending long parameters that contains specific characters in http request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:sharp-nec-displays:un462a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un462a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un462va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un462va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un492s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un492s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un492vs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un492vs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552vs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552vs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:un552v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:un552v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:ux552s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:ux552s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:ux552_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:ux552:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v864q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v864q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c861q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c861q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p754q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p754q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v754q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v754q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c751q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c751q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v984q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v984q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c981q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c981q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p654q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p654q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v654q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v654q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c651q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c651q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p484_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p484:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:p554_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:p554:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v484_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v484:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v404-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v404-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v484-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v484-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:v554-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:v554-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c551_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c551:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp-nec-displays:c431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp-nec-displays:c431:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1206,I-O Data,0.00246,4.3,0.0,1.0,0.0,1.0,1,2016-05-14,0.0,,1.0,2016-05-12,,"The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['CWE-200'],"['cpe:2.3:o:iodata:wn-gdn\\/r3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-gdn\\/r3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-gdn\\/r3-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-gdn\\/r3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-gdn\\/r3-u:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1207,I-O Data,0.00088,5.4,0.0,1.0,0.0,1.0,1,2016-05-14,1.0,2016-05-12,,,1.0,"Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:iodata:wn-g300r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-4820,I-O Data,0.00157,8.8,0.0,1.0,0.0,1.0,1,2016-06-19,0.0,,1.0,2016-06-14,,Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:iodata:etx-r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:etx-r:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4821,I-O Data,0.00393,5.3,0.0,1.0,0.0,1.0,1,2016-06-19,0.0,,1.0,2016-06-14,,I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:iodata:etx-r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:etx-r:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4845,I-O Data,0.00321,8.8,0.0,1.0,0.0,1.0,1,2016-09-24,1.0,2016-08-08,,,1.0,"Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:iodata:hvl-a2.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-a3.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-a4.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at1.0s_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at2.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at2.0a_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at3.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at3.0a_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at4.0_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at4.0a_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-at:-:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-ata:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7806,I-O Data,0.00707,9.8,0.0,1.0,0.0,1.0,1,2017-06-09,1.0,2016-11-15,,,1.0,I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:iodata:wfs-sr01_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wfs-sr01:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7807,I-O Data,0.00259,7.5,0.0,1.0,0.0,1.0,1,2017-06-09,1.0,2016-11-15,,,1.0,I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-284'],"['cpe:2.3:o:iodata:wfs-sr01_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wfs-sr01:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7814,I-O Data,0.002,7.5,0.0,0.0,0.0,1.0,1,2017-06-09,1.0,2016-11-11,,,1.0,I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7819,I-O Data,0.00175,7.2,0.0,0.0,0.0,1.0,1,2017-06-09,1.0,2016-11-30,,,1.0,I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7820,I-O Data,0.00357,7.2,0.0,0.0,0.0,1.0,1,2017-06-09,1.0,2016-11-30,,,1.0,Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-119'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10875,I-O Data,0.0008,7.5,0.0,1.0,0.0,1.0,1,2017-11-13,1.0,2017-11-06,,,1.0,I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:iodata:lan_disk_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:lan_disk_connect:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2112,I-O Data,0.0057,8.8,0.0,1.0,0.0,1.0,1,2017-04-28,1.0,2017-03-08,,,1.0,"TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:iodata:ts-ptcam\\/poe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam\\/poe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-ptcam_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlc2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlc2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlce_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlce:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wptcam2_firmware:1.00:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wptcam_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2113,I-O Data,0.00601,8.8,0.0,1.0,0.0,1.0,1,2017-04-28,1.0,2017-03-08,,,1.0,"Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18 and earlier, TS-PTCAM/POE firmware version 1.18 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:iodata:ts-ptcam\\/poe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam\\/poe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-ptcam_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlc2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlc2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlce_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlce:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wptcam2_firmware:1.00:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wptcam_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2141,I-O Data,0.00104,7.2,0.0,1.0,0.0,1.0,1,2017-04-28,1.0,2017-04-10,,,1.0,WN-G300R3 firmware 1.03 and earlier allows attackers with administrator rights to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2142,I-O Data,0.00505,9.8,0.0,1.0,0.0,1.0,1,2017-04-28,1.0,2017-04-10,,,1.0,Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2148,I-O Data,0.00081,5.4,0.0,1.0,0.0,1.0,1,2017-04-28,1.0,2017-04-14,,,1.0,Cross-site scripting vulnerability in WN-AC1167GR firmware version 1.04 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:iodata:wn-ac1167gr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1167gr:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2223,I-O Data,0.00236,8.8,0.0,1.0,0.0,1.0,1,2017-07-07,1.0,2017-06-20,,,1.0,"Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:iodata:ts-wptcam_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-ptcam_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-ptcam\\/poe_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-ptcam\\/poe_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlc2_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlc2_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wlce_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wlce_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlc_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlc_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wptcam2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wptcam2:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2280,I-O Data,0.0009,8.8,0.0,1.0,0.0,1.0,1,2017-08-02,1.0,2017-07-27,,,1.0,WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-798'],"['cpe:2.3:o:iodata:wn-ax1167gr_firmware:3.00:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ax1167gr:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2283,I-O Data,0.00044,8.0,0.0,1.0,0.0,0.0,1,2017-08-02,1.0,2017-07-27,,,1.0,WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an attacker that can access the device to execute arbitrary code on the device.,CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-798'],"['cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-0512,I-O Data,0.00044,6.8,0.0,1.0,0.0,1.0,1,2018-02-08,1.0,2018-02-08,,,1.0,"Devices with IP address setting tool ""MagicalFinder"" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:iodata:hdl-xr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-xrw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xrw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-xr2u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xr2u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-xr2uw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xr2uw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-xv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-xvw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-xvw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-gt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-gt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-gtr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-gtr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-ah_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-ah:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl2-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl2-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl2-ah_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl2-ah:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hdl-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hdl-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hls-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hls-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-at_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-at:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-ata_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-ata:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hvl-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hvl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:hfas1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:hfas1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-napg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-napg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-napga_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-napga:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-napgal_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-napgal:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-ac1750a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-ac1750a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-ac1750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-ac1750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:whg-ac1750al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:whg-ac1750al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ax1167gr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ax1167gr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-gx300gr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-gx300gr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wnpr2600g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wnpr2600g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wnpr1750g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wnpr1750g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wnpr1167g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wnpr1167g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wnpr1167f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wnpr1167f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ag750dgr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ag750dgr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ag300dgr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ag300dgr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac1600dgr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1600dgr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac1167dgr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1167dgr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300ex_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac1300ex_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1300ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac583trk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac583trk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac583rk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac583rk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-g300sr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-g300sr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:bx-vp1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:bx-vp1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:gv-ntx1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:gv-ntx1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:gv-ntx2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:gv-ntx2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0661,I-O Data,0.00077,8.8,0.0,0.0,0.0,1.0,1,2018-09-07,1.0,2018-08-07,,,1.0,"Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlp\\/e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp\\/e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0662,I-O Data,0.00099,6.8,0.0,0.0,0.0,1.0,1,2018-09-07,1.0,2018-08-07,,,1.0,"Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlp\\/e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp\\/e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0663,I-O Data,0.0025,8.8,0.0,0.0,0.0,1.0,1,2018-09-07,1.0,2018-08-07,,,1.0,"Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-798'],"['cpe:2.3:o:iodata:ts-wrlp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrlp\\/e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrlp\\/e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:ts-wrla_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:ts-wrla:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19822,I-O Data,0.0158,7.5,0.0,1.0,0.0,1.0,1,2020-01-27,0.0,,0.0,,,"A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:h:totolink:a3002ru:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:a702r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:a702r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n302r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n302r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n300rt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n300rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n200re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n200re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n150rt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n150rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n100re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n100re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:realtek:rtk_11n_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:realtek:rtk_11n_ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:sapido:gr297n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ciktel:mesh_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ciktel:mesh_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:kctvjeju:wireless_ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:kctvjeju:wireless_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fg-products:fgn-r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fg-products:fgn-r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hiwifi:max-c300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hiwifi:max-c300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tbroad:gn-866ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tbroad:gn-866ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:coship:emta_ap_firmwre:*:*:*:*:*:*:*:*', 'cpe:2.3:h:coship:emta_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac1167r_firmwre:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1167r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hcn_max-c300n_project:hcn_max-c300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hcn_max-c300n_project:hcn_max-c300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n301rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n301rt:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19823,I-O Data,0.00744,7.5,0.0,1.0,0.0,1.0,1,2020-01-27,0.0,,0.0,,,"A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-522'],"['cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:a3002ru:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:a702r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:a702r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n302r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n302r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n300rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n300rt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n200re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n200re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n150rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n150rt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n100re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n100re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:realtek:rtk_11n_ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:realtek:rtk_11n_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sapido:gr297n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ciktel:mesh_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ciktel:mesh_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:kctvjeju:wireless_ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:kctvjeju:wireless_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fg-products:fgn-r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fg-products:fgn-r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hiwifi:max-c300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hiwifi:max-c300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tbroad:gn-866ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tbroad:gn-866ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:coship:emta_ap_firmwre:*:*:*:*:*:*:*:*', 'cpe:2.3:h:coship:emta_ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:iodata:wn-ac1167r_firmwre:*:*:*:*:*:*:*:*', 'cpe:2.3:h:iodata:wn-ac1167r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hcn_max-c300n_project:hcn_max-c300n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hcn_max-c300n_project:hcn_max-c300n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:totolink:n301rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:totolink:n301rt:-:*:*:*:*:*:*:*']",0,0
CVE-2016-2280,Honeywell,0.00329,7.5,0.0,0.0,1.0,0.0,1,2016-04-21,1.0,2016-01-27,,,1.0,"Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:a:honeywell:uniformance_process_history_database:r310:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:uniformance_process_history_database:r320:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:uniformance_process_history_database:r321:*:*:*:*:*:*:*']",0,0
CVE-2016-8344,Honeywell,0.00083,3.7,0.0,0.0,1.0,0.0,1,2017-02-13,1.0,2016-10-27,,,1.0,"An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release 430, and Experion PKS, Release 431. Experion PKS does not properly validate input. By sending a specially crafted packet, an attacker could cause the process to terminate. A successful exploit would prevent firmware uploads to the Series-C devices.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,LOW,LOW,2.2,1.4,['CWE-20'],"['cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:experion_process_knowledge_system:410:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:experion_process_knowledge_system:430:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:experion_process_knowledge_system:431:*:*:*:*:*:*:*', 'cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*']",0,0
CVE-2017-14263,Honeywell,0.00655,8.1,0.0,1.0,0.0,1.0,1,2017-09-11,0.0,,0.0,,,"Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-384'],"['cpe:2.3:o:honeywell:enterprise_dvr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:enterprise_dvr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_hybrid_se_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_hybrid_se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_hybrid_xe_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_hybrid_xe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_se_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_xe_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_xe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:fusion_iv_rev_c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:fusion_iv_rev_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_pe_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_pe:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5139,Honeywell,0.00207,9.8,0.0,1.0,0.0,1.0,1,2017-02-13,1.0,2017-02-02,,,1.0,"An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Any user is able to disclose a password by accessing a specific URL, because of Plaintext Storage of a Password.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-1-02-08:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-2-01-00:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:xl_web_ii_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5140,Honeywell,0.00207,9.8,0.0,1.0,0.0,1.0,1,2017-02-13,1.0,2017-02-02,,,1.0,"An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Password is stored in clear text.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-1-02-08:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-2-01-00:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:xl_web_ii_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5141,Honeywell,0.00084,6.0,0.0,1.0,0.0,1.0,1,2017-02-13,1.0,2017-02-02,,,1.0,"An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the opportunity to steal authenticated sessions (SESSION FIXATION).",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,LOW,LOW,MEDIUM,1.2,4.7,['CWE-384'],"['cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-1-02-08:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-2-01-00:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:xl_web_ii_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5142,Honeywell,0.00092,9.1,0.0,1.0,0.0,1.0,1,2017-02-13,1.0,2017-02-02,,,1.0,"An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user with low privileges is able to open and change the parameters by accessing a specific URL because of Improper Privilege Management.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,LOW,LOW,CRITICAL,3.1,5.3,['CWE-269'],"['cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-1-02-08:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-2-01-00:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:xl_web_ii_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5143,Honeywell,0.00148,8.6,0.0,1.0,0.0,1.0,1,2017-02-13,1.0,2017-02-02,,,1.0,"An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user without authenticating can make a directory traversal attack by accessing a specific URL.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,LOW,HIGH,3.9,4.7,['CWE-22'],"['cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-1-02-08:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:xl_web_ii_controller:xlwebexe-2-01-00:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:xl_web_ii_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5671,Honeywell,0.00045,8.8,1.0,1.0,0.0,1.0,1,2017-03-29,1.0,2017-03-12,,,1.0,"Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,2.0,6.0,['CWE-269'],"['cpe:2.3:h:honeywell:intermec_pc23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pc42:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pc43:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pd43:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pm23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pm42:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:intermec_pm43:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pc23_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pc42_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pc43_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pd43_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pm23_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pm42_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:intermec_pm43_firmware:*:*:*:*:*:*:*:*']",1,0
CVE-2019-13523,Honeywell,0.00131,5.3,0.0,1.0,0.0,1.0,1,2019-09-26,1.0,2019-09-17,,,1.0,"In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-306', 'CWE-200']","['cpe:2.3:o:honeywell:hbd3pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd3pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4d3prv3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4d3prv3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hed3pr3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hed3pr3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4d3prv2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4d3prv2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbd3pr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd3pr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08144_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08144:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen081124_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen081124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16144_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16144:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16184_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16184:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen162244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen162244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16284_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16284:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16304_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16384_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16384:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen321124_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen321124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32284_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32284:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen322164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen322164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32304_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32384_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32384:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen323164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen323164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen64204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen64204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen64304_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen64304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen643164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen643164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen643324_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen643324:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen643484_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen643484:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen04103_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen04103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen04113_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen04113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen04123_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen04123:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08103_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08113_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08123_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08123:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08143_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08143:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16103_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16123_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16123:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16143_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16143:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16163_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16163:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen04103l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen04103l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen08103l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen08103l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen16103l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen16103l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hen32103l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hen32103l:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18226,Honeywell,0.00213,9.8,0.0,1.0,0.0,1.0,1,2019-10-31,1.0,2019-10-31,,,1.0,"Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-294'],"['cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbd2per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd2per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4pgr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4pgr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hed2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hed2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp252di_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp304di_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp304di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w4gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w4gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w4gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l2gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l2gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l6gr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l6gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hm4l8gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hm4l8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4d8gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4d8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl2gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr3v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr3v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4gr1v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl6gr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl6gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hmbl8gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hmbl8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbd8gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hfd6gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hfd6gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hfd8gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hfd8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302liw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302liw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302lik_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302lik:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302de_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302de:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302din-c1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302din-c1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302din-s1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302din-s1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hepz302w0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hepz302w0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcl2gv_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcl2gv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcl2g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcl2g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw2g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw2g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw4g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw4g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcd8g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcd8g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hsw2g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hsw2g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hswb2g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hswb2g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw2gv_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw2gv:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18228,Honeywell,0.0011,7.5,0.0,1.0,0.0,1.0,1,2019-10-31,1.0,2019-10-31,,,1.0,"Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:honeywell:h2w2pc1m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2pc1m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbd2per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd2per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4per1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4per1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4pgr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4pgr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw8pr2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw8pr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hed2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hed2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew2per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew2per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per3b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per3b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hew4per2b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hew4per2b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp252di_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp304di_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp304di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hpw2p1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2gr1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2gr1:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18230,Honeywell,0.00162,7.5,0.0,1.0,0.0,1.0,1,2019-10-31,1.0,2019-10-31,,,1.0,"Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:honeywell:h4d8pr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4d8pr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hfd5pr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hfd5pr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hpw2p1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hpw2p1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp304di_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp304di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp252di_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302din-s1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302din-s1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302lik_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302lik:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302liw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302liw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hfd6gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hfd6gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hfd8gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hfd8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hm4l8gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hm4l8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hmbl8gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hmbl8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h2w2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h2w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w2gr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w2gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w4gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w4gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h3w4gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h3w4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4d8gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4d8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l2gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4l6gr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4l6gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4lggr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4lggr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w2gr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w2gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:h4w4gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:h4w4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbd8gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbd8gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl2gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl6gr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl6gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbl6gr2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbl6gr2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2gr3v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2gr3v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4gr1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4gr1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw4gr1v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw4gr1v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcd8g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcd8g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcl2g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcl2g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcl2gv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcl2gv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw2g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw2g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw2gv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw2gv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hcw4g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hcw4g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302de_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302de:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302din_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302din:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdz302din-c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdz302din-c1:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10624,Honeywell,0.00162,7.5,0.0,1.0,0.0,1.0,1,2020-06-26,0.0,,1.0,2020-06-23,,"ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-319'],"['cpe:2.3:o:honeywell:controledge_plc_firmware:r130.2:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r140:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r150:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r151:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_plc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r101:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r110:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r140:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r150:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r151:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_rtu:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10628,Honeywell,0.00162,7.5,0.0,1.0,0.0,1.0,1,2020-06-26,0.0,,1.0,2020-06-23,,"ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-319'],"['cpe:2.3:o:honeywell:controledge_plc_firmware:r130.2:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r140:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r150:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_plc_firmware:r151:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_plc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r101:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r110:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r140:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r150:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:r151:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_rtu:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6959,Honeywell,0.01573,9.8,0.0,1.0,0.0,1.0,1,2020-01-22,1.0,2020-01-21,,,1.0,"The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch are vulnerable to an unsafe deserialization of untrusted data. An attacker may be able to remotely modify deserialized data without authentication using a specially crafted web request, resulting in remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-502'],"['cpe:2.3:h:honeywell:maxpro_nvr_xe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_xe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_se_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:mpnvrswxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:mpnvrswxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hnmswvms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hnmswvms_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hnmswvmslt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hnmswvmslt_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6960,Honeywell,0.00132,9.8,0.0,1.0,0.0,1.0,1,2020-01-22,1.0,2020-01-21,,,1.0,"The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch contain an SQL injection vulnerability that could give an attacker remote unauthenticated access to the web user interface with administrator-level privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:o:honeywell:maxpro_nvr_xe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_xe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_se_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:maxpro_nvr_pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:maxpro_nvr_pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:mpnvrswxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:mpnvrswxx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hnmswvms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hnmswvms_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hnmswvmslt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hnmswvmslt_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6972,Honeywell,0.00158,9.1,0.0,0.0,1.0,0.0,1,2020-03-24,1.0,2020-02-20,,,1.0,"In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-294'],['cpe:2.3:a:honeywell:notifier_webserver:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6974,Honeywell,0.0037,9.8,0.0,0.0,1.0,0.0,1,2020-04-07,1.0,2020-02-20,,,1.0,"Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],['cpe:2.3:a:honeywell:notifier_webserver:*:*:*:*:*:*:*:*'],0,0
CVE-2022-30318,Honeywell,0.00384,9.8,0.0,1.0,0.0,1.0,1,2022-08-31,1.0,2022-08-30,,,1.0,"Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root to this service is permitted and credentials for the root user are hardcoded without automatically changing them upon first commissioning. The credentials for the SSH service are hardcoded in the firmware. The credentials grant an attacker access to a root shell on the PLC/RTU, allowing for remote code execution, configuration manipulation and denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:honeywell:controledge_plc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_plc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:controledge_rtu_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:controledge_rtu:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14825,Honeywell,0.00097,5.8,0.0,1.0,0.0,0.0,0,2018-09-24,1.0,2018-09-13,,,1.0,"On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android OS 6.0, CT50 running Android OS 6.0, D75e running Android OS 6.0, CT50 running Android OS 4.4, D75e running Android OS 4.4, CN51 running Android OS 6.0, EDA50k running Android 4.4, EDA50 running Android OS 7.1, EDA50k running Android OS 7.1, EDA70 running Android OS 7.1, EDA60k running Android OS 7.1, and EDA51 running Android OS 8.1), a skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges. This could enable the attacker to obtain access to keystrokes, passwords, personal identifiable information, photos, emails, or business-critical documents.",CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,LOW,LOW,HIGH,MEDIUM,1.0,4.7,"['CWE-732', 'CWE-269']","['cpe:2.3:h:honeywell:cn80:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:ct40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:ct60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda50k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda60k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:ck75:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:cn51:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:cn75:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:cn75e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:d75e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:ct50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:d75e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda50k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:eda51:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*']",0,0
CVE-2019-13525,Honeywell,0.00131,5.3,0.0,1.0,0.0,0.0,0,2019-10-25,1.0,2019-10-24,,,1.0,"In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-306'],"['cpe:2.3:h:honeywell:ip-ak2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:ip-ak2_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-27274,Honeywell,0.00137,7.5,0.0,0.0,1.0,0.0,0,2021-01-26,1.0,2021-01-21,,,1.0,"Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-754'],['cpe:2.3:a:honeywell:opc_ua_tunneller:*:*:*:*:*:*:*:*'],0,0
CVE-2020-27295,Honeywell,0.001,7.5,0.0,0.0,1.0,0.0,0,2021-01-26,1.0,2021-01-21,,,1.0,"The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],['cpe:2.3:a:honeywell:opc_ua_tunneller:*:*:*:*:*:*:*:*'],0,0
CVE-2020-27297,Honeywell,0.00544,9.8,0.0,0.0,1.0,0.0,0,2021-01-26,1.0,2021-01-21,,,1.0,"The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-122']",['cpe:2.3:a:honeywell:opc_ua_tunneller:*:*:*:*:*:*:*:*'],0,0
CVE-2020-27299,Honeywell,0.00213,9.1,0.0,0.0,1.0,0.0,0,2021-01-26,1.0,2021-01-21,,,1.0,"The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],['cpe:2.3:a:honeywell:opc_ua_tunneller:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6968,Honeywell,0.00042,7.8,0.0,1.0,0.0,1.0,0,2020-02-20,1.0,2020-02-19,,,1.0,Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-269'],"['cpe:2.3:o:honeywell:inncom_inncontrol_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:inncom_inncontrol:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6978,Honeywell,0.00108,7.2,0.0,0.0,1.0,0.0,0,2020-03-24,1.0,2020-02-25,,,1.0,"In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,NONE,CHANGED,LOW,LOW,NONE,HIGH,3.9,2.7,"['NVD-CWE-Other', 'CWE-477']",['cpe:2.3:a:honeywell:win-pak:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6982,Honeywell,0.0014,8.8,0.0,0.0,1.0,0.0,0,2020-03-24,1.0,2020-02-25,,,1.0,"In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-74', 'CWE-644']",['cpe:2.3:a:honeywell:win-pak:*:*:*:*:*:*:*:*'],0,0
CVE-2020-7005,Honeywell,0.00098,8.8,0.0,0.0,1.0,0.0,0,2020-03-24,1.0,2020-02-25,,,1.0,"In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],['cpe:2.3:a:honeywell:win-pak:*:*:*:*:*:*:*:*'],0,0
CVE-2021-39363,Honeywell,0.00255,9.8,0.0,1.0,0.0,1.0,0,2022-02-24,1.0,2022-01-26,,,1.0,Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hdzp252di_firmware:1.00.hw02.4:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per1_firmware:1.000.hw01.3:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-39364,Honeywell,0.00123,7.5,0.0,1.0,0.0,1.0,0,2022-02-24,1.0,2022-01-26,,,1.0,Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-294'],"['cpe:2.3:o:honeywell:hdzp252di_firmware:1.00.hw02.4:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hdzp252di:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:hbw2per1_firmware:1.000.hw01.3:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:hbw2per1:-:*:*:*:*:*:*:*']",0,0
CVE-2022-1261,Honeywell,0.00104,8.8,0.0,0.0,1.0,0.0,0,2022-05-26,0.0,,1.0,2022-05-24,,"Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-noinfo', 'CWE-284']",['cpe:2.3:a:honeywell:matrikon_opc_server:*:*:*:*:*:*:*:*'],0,0
CVE-2022-2332,Honeywell,0.00044,7.8,0.0,0.0,1.0,0.0,0,2022-09-16,1.0,2022-09-13,,,1.0,"A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],['cpe:2.3:a:honeywell:softmaster:4.51:*:*:*:*:*:*:*'],0,0
CVE-2022-2333,Honeywell,0.00082,7.8,0.0,0.0,1.0,0.0,0,2022-09-16,1.0,2022-09-13,,,1.0,"If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:honeywell:softmaster:4.51:*:*:*:*:*:*:*'],0,0
CVE-2022-30245,Honeywell,0.00132,6.5,0.0,0.0,1.0,0.0,0,2022-07-15,0.0,,0.0,,,"Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller's function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-610'],['cpe:2.3:a:honeywell:alerton_compass:1.6.5:*:*:*:*:*:*:*'],0,0
CVE-2022-30312,Honeywell,0.00058,6.5,0.0,1.0,0.0,1.0,0,2022-09-07,0.0,,1.0,2022-08-30,,"The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive Information. According to FSCT-2022-0050, there is a Trend Controls Inter-Controller (IC) protocol cleartext transmission of credentials issue. The affected components are characterized as: Inter-Controller (IC) protocol (57612/UDP). The potential impact is: Compromise of credentials. Several Trend Controls building automation controllers utilize the Inter-Controller (IC) protocol in for information exchange and automation purposes. This protocol offers authentication in the form of a 4-digit PIN in order to protect access to sensitive operations like strategy uploads and downloads as well as optional 0-30 character username and password protection for web page access protection. Both the PIN and usernames and passwords are transmitted in cleartext, allowing an attacker with passive interception capabilities to obtain these credentials. Credentials are transmitted in cleartext. An attacker who obtains Trend IC credentials can carry out sensitive engineering actions such as manipulating controller strategy or configuration settings. If the credentials in question are (re)used for other applications, their compromise could potentially facilitate lateral movement.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-319'],"['cpe:2.3:o:honeywell:trend_iq412_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:trend_iq412:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:trend_iq411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:trend_iq411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:trend_iq422_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:trend_iq422:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:trend_iq4nc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:trend_iq4nc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:honeywell:trend_iq4e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:trend_iq4e:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30313,Honeywell,0.00054,7.5,0.0,1.0,0.0,1.0,0,2022-07-28,0.0,,1.0,2022-07-26,,"Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected components are characterized as: Honeywell Experion TCP (51000/TCP), Safety Builder (51010/TCP). The potential impact is: Manipulate controller state, Manipulate controller configuration, Manipulate controller logic, Manipulate controller files, Manipulate IO. The Honeywell Experion PKS Distributed Control System (DCS) Safety Manager utilizes several proprietary protocols for a wide variety of functionality, including process data acquisition, controller steering and configuration management. These protocols include: Experion TCP (51000/TCP) and Safety Builder (51010/TCP). None of these protocols have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocols in question. An attacker capable of invoking the protocols' functionalities could achieve a wide range of adverse impacts, including (but not limited to), the following: for Experion TCP (51000/TCP): Issue IO manipulation commands, Issue file read/write commands; and for Safety Builder (51010/TCP): Issue controller start/stop commands, Issue logic download/upload commands, Issue file read commands, Issue system time change commands. A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:honeywell:safety_manager_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:safety_manager:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30314,Honeywell,0.0005,4.6,0.0,1.0,0.0,1.0,0,2022-07-28,1.0,2022-07-26,,,1.0,"Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.9,3.6,['CWE-798'],"['cpe:2.3:o:honeywell:safety_manager_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:safety_manager:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30315,Honeywell,0.00677,9.8,0.0,1.0,0.0,1.0,0,2022-07-28,0.0,,1.0,2022-07-26,,"Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The affected components are characterized as: Honeywell FSC runtime (FSC-CPU, QPP), Honeywell Safety Builder. The potential impact is: Remote Code Execution, Denial of Service. The Honeywell Experion PKS Safety Manager family of safety controllers utilize the unauthenticated Safety Builder protocol (FSCT-2022-0051) for engineering purposes, including downloading projects and control logic to the controller. Control logic is downloaded to the controller on a block-by-block basis. The logic that is downloaded consists of FLD code compiled to native machine code for the CPU module (which applies to both the Safety Manager and FSC families). Since this logic does not seem to be cryptographically authenticated, it allows an attacker capable of triggering a logic download to execute arbitrary machine code on the controller's CPU module in the context of the runtime. While the researchers could not verify this in detail, the researchers believe that the microprocessor underpinning the FSC and Safety Manager CPU modules is incapable of offering memory protection or privilege separation capabilities which would give an attacker full control of the CPU module. There is no authentication on control logic downloaded to the controller. Memory protection and privilege separation capabilities for the runtime are possibly lacking. The researchers confirmed the issues in question on Safety Manager R145.1 and R152.2 but suspect the issue affects all FSC and SM controllers and associated Safety Builder versions regardless of software or firmware revision. An attacker who can communicate with a Safety Manager controller via the Safety Builder protocol can execute arbitrary code without restrictions on the CPU module, allowing for covert manipulation of control operations and implanting capabilities similar to the TRITON malware (MITRE ATT&CK software ID S1009). A mitigating factor with regards to some, but not all, of the above functionality is that these require the Safety Manager physical keyswitch to be in the right position.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-345'],"['cpe:2.3:o:honeywell:safety_manager_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:safety_manager:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30316,Honeywell,0.00179,6.8,0.0,1.0,0.0,1.0,0,2022-07-28,0.0,,1.0,2022-07-26,,"Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The potential impact is: Firmware manipulation. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 communication FTA serial interface and Enea POLO bootloader for firmware management purposes. An engineering workstation running the Safety Builder software communicates via serial or serial-over-ethernet link with the DCOM-232/485 interface. Firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. Firmware images are unsigned. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize hardcoded credentials (see FSCT-2022-0052) for the POLO bootloader to control the boot process and push malicious firmware images to the controller allowing for firmware manipulation, remote code execution and denial of service impacts. A mitigating factor is that in order for a firmware update to be initiated, the Safety Manager has to be rebooted which is typically done by means of physical controls on the Safety Manager itself. As such, an attacker would have to either lay dormant until a legitimate reboot occurs or possibly attempt to force a reboot through a secondary vulnerability.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-354'],"['cpe:2.3:o:honeywell:safety_manager_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:safety_manager:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30317,Honeywell,0.00069,9.1,0.0,1.0,0.0,1.0,0,2022-08-31,1.0,2022-08-30,,,1.0,"Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell Control Data Access (CDA) EpicMo (55565/TCP). The potential impact is: Firmware manipulation, Denial of service. The Honeywell Experion LX Distributed Control System (DCS) utilizes the Control Data Access (CDA) EpicMo protocol (55565/TCP) for device diagnostics and maintenance purposes. This protocol does not have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocol in question. An attacker capable of invoking the protocols' functionalities could issue firmware download commands potentially allowing for firmware manipulation and reboot devices causing denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['CWE-306'],"['cpe:2.3:o:honeywell:experion_lx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:honeywell:experion_lx:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30319,Honeywell,0.00052,8.1,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,"Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication functions on the basis of a MAC/IP whitelist with inactivity timeout to which an authenticated client's MAC/IP is stored. UDP traffic can be spoofed to bypass the whitelist-based access control. Since UDP is stateless, an attacker capable of passively observing traffic can spoof arbitrary messages using the MAC/IP of an authenticated client. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-290'],['cpe:2.3:a:honeywell:saia_pg5_controls_suite:-:*:*:*:*:*:*:*'],0,0
CVE-2022-30320,Honeywell,0.00044,4.3,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,"Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls (SBC) PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication is done by using the S-Bus 'write byte' message to a specific address and supplying a hashed version of the password. The hashing algorithm used is based on CRC-16 and as such not cryptographically secure. An insecure hashing algorithm is used. An attacker capable of passively observing traffic can intercept the hashed credentials and trivially find collisions allowing for authentication without having to bruteforce a keyspace defined by the actual strength of the password. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['CWE-327'],['cpe:2.3:a:honeywell:saia_pg5_controls_suite:-:*:*:*:*:*:*:*'],0,0
CVE-2016-2404,Huawei,0.00097,7.5,0.0,1.0,0.0,0.0,1,2017-04-02,1.0,2016-02-17,,,1.0,"Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation.",CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-264'],"['cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s9700_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:acu2_firmware:v200r005c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:acu2_firmware:v200r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6899,Huawei,0.0012,7.5,0.0,1.0,0.0,0.0,1,2016-09-07,1.0,2016-08-24,,,1.0,"The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, RH2288H V3 servers with software before V100R003C00SPC515, RH5885 V3 servers with software before V100R003C10SPC102, and XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610 might allow remote attackers to decrypt encrypted data and consequently obtain sensitive information by leveraging selection of an insecure SSL encryption algorithm.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:huawei:rh5885_v3_server_firmware:v100r003c01:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rh5885_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rh1288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rh2288_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rh2288h_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:xh620_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:xh622_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:xh628_v3_server_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rh1288_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rh2288_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rh2288h_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:xh620_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:xh622_v3_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:xh628_v3_server:-:*:*:*:*:*:*:*']",0,0
CVE-2016-8768,Huawei,0.00063,7.8,0.0,1.0,0.0,0.0,1,2017-04-02,1.0,2016-10-26,,,1.0,"Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-254'],"['cpe:2.3:o:huawei:honor_6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_6_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_6_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_7:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15344,Huawei,0.00209,7.5,0.0,1.0,0.0,0.0,1,2018-02-15,1.0,2017-11-29,,,1.0,"Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-190'],"['cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15347,Huawei,0.00054,5.5,0.0,1.0,0.0,0.0,1,2018-02-15,1.0,2017-11-29,,,1.0,"Huawei Mate 9 Pro mobile phones with software of versions earlier than LON-AL00BC00B235 have a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may exploit this vulnerability to cause the mobile phone to crash.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-416'],"['cpe:2.3:o:huawei:mate_9_pro_firmware:lon-al00bc00b235:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17131,Huawei,0.00119,5.7,0.0,1.0,0.0,0.0,1,2018-03-05,1.0,2017-12-06,,,1.0,Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system when a system manager load the key an infinite loop happens which lead to reboot the system.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.1,3.6,['CWE-835'],"['cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17139,Huawei,0.00066,5.5,0.0,1.0,0.0,0.0,1,2018-03-05,1.0,2017-12-13,,,1.0,Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:huawei:mate_9_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_9_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17150,Huawei,0.00042,5.5,0.0,1.0,0.0,0.0,1,2018-03-09,1.0,2017-12-20,,,1.0,"Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-835'],"['cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17254,Huawei,0.00197,7.5,0.0,1.0,0.0,0.0,1,2018-04-24,1.0,2017-12-27,,,1.0,"Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c16pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r007c00spc180t:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v100r001c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5600_firmware:v200r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5600_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800_firmware:v200r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800-c_firmware:v200r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800-c_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:semg9811_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:semg9811:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9520_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9520_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9560_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9560_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9580_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9580_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17297,Huawei,0.00171,5.3,0.0,1.0,0.0,0.0,1,2018-02-15,1.0,2017-12-15,,,1.0,"Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V200R003C20SPC900, V200R003C30SPC200 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-119'],"['cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar150-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c16:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r007c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3600_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar510_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:netengine16ex_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg1300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg2300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r007c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:srg3300_firmware:v200r008c30:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5600_firmware:v200r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5600_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800-c_firmware:v200r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800-c_firmware:v200r003c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:semg9811_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:semg9811:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9520_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9520_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9560_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9560_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9580_firmware:v300r001c01:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9580_firmware:v300r001c20:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20spc900:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8165,Huawei,0.00066,5.5,0.0,1.0,0.0,0.0,1,2018-03-05,1.0,2017-11-17,,,1.0,Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:huawei:mate_9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_9:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8205,Huawei,0.00072,7.8,0.0,1.0,0.0,0.0,1,2017-11-22,1.0,2017-09-14,,,1.0,"The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:o:huawei:honor_9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_9:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7903,Huawei,0.00164,8.8,0.0,1.0,0.0,0.0,1,2018-05-24,1.0,2018-05-23,,,1.0,"Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:huawei:1288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:1288h_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:2288h_v5_firmware:v100r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:2288h_v5:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7910,Huawei,0.00068,6.8,0.0,1.0,0.0,0.0,1,2018-11-13,1.0,2018-11-01,,,1.0,"Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the user's smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-287'],"['cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.1.18d\\(c00\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:alp-tl00b_firmware:8.0.0.1.18d\\(c01\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:alp-tl00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-al00b_firmware:8.0.0.1.18d\\(c00\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l09c_firmware:8.0.0.127\\(c432\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l09c_firmware:8.0.0.128\\(c432\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l09c_firmware:8.0.0.137\\(c432\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l09c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.127\\(c432\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:8.0.0.137\\(c432\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7920,Huawei,0.00209,7.5,0.0,1.0,0.0,0.0,1,2018-04-19,1.0,2018-04-18,,,1.0,"Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the socket resource of management interface, leading to a DoS condition.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:huawei:ar1200_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar160_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar200_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar2200_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r006c10spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19398,Huawei,0.00177,9.8,0.0,1.0,0.0,0.0,1,2019-12-26,1.0,2019-12-25,,,1.0,"M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:huawei:m5_lite_10_firmware:8.0.0.182\\(c00\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:m5_lite_10:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19414,Huawei,0.00206,7.5,0.0,1.0,0.0,0.0,1,2020-01-21,1.0,2020-01-15,,,1.0,"There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-190'],"['cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5256,Huawei,0.00042,5.5,0.0,1.0,0.0,0.0,1,2019-12-13,1.0,2019-12-11,,,1.0,"Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-476'],"['cpe:2.3:o:huawei:ap2000_firmware:v200r005c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r006c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r006c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r007c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r007c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r008c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r008c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ap2000_firmware:v200r009c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ap2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ips:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c00spc500pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c10pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r002c30pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ngfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5600_firmware:v200r003c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800_firmware:v200r003c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:svn5800-c_firmware:v200r003c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:svn5800-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:semg9811_firmware:v500r002c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:semg9811_firmware:v500r002c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:semg9811_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:semg9811:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00spc700:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc101:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c60spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_antiddos8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00spc500pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc101:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c80pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v100r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00spc500pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00sph508:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc101:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc200b062:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c80pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c10spc201:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00spc050:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00spc090:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00spc500pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00sph303:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc101:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc300b078:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c20spc300pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc601:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc009:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc100pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc200pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c80pwe:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc102:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c10spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20spc300:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r001c20spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6000v_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c50spc700:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1838,Huawei,0.00052,5.5,0.0,1.0,0.0,0.0,1,2020-07-06,1.0,2020-07-01,,,1.0,"HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-287'],"['cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1882,Huawei,0.00058,4.6,0.0,1.0,0.0,0.0,1,2020-02-18,1.0,2020-01-22,,,1.0,"Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0.180(C432E6R1P7), earlier than 10.0.0.180(C636E5R2P3); HUAWEI Mate 20 RS versions earlier than 10.0.0.175(C786E70R3P8); HUAWEI Mate 20 X versions earlier than 10.0.0.176(C00E70R2P8); and Honor Magic2 versions earlier than 10.0.0.175(C00E59R2P11) have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:huawei:mate_20_rs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_20_rs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_magic2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_magic2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9068,Huawei,0.00309,9.8,0.0,1.0,0.0,0.0,1,2020-04-27,1.0,2020-04-22,,,1.0,"Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spc900:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spca00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcb00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r007c00spcc00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ar3200_firmware:v200r009c00spc500:*:*:*:*:*:*:*']",0,0
CVE-2020-9070,Huawei,0.00068,5.5,0.0,1.0,0.0,0.0,1,2020-04-20,1.0,2020-04-15,,,1.0,Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application to exploit this vulnerability. Successful exploit may cause some information disclosure.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-287'],"['cpe:2.3:h:huawei:taurus-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:taurus-al00b_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9076,Huawei,0.00128,6.8,0.0,1.0,0.0,0.0,1,2020-06-15,1.0,2020-06-10,,,1.0,"HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE,MEDIUM,1.6,5.2,['CWE-287'],"['cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9077,Huawei,0.00054,3.3,0.0,1.0,0.0,0.0,1,2020-07-27,1.0,2020-07-22,,,1.0,HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the device. Successful exploit may cause information disclosure.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-287'],"['cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9112,Huawei,0.00044,7.8,0.0,1.0,0.0,0.0,1,2020-10-19,1.0,2020-10-14,,,1.0,"Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to access the protecting information, resulting in the elevation of the privilege.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-269'],"['cpe:2.3:o:huawei:taurus-an00b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:taurus-an00b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22306,Huawei,0.00058,4.6,0.0,1.0,0.0,0.0,1,2021-02-06,1.0,2021-01-27,,,1.0,"There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.9,3.6,['CWE-125'],"['cpe:2.3:o:huawei:mate_30_firmware:10.0.0.182\\(c00e180r6p2\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22307,Huawei,0.00042,5.5,0.0,1.0,0.0,0.0,1,2021-02-06,1.0,2021-01-27,,,1.0,There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:huawei:mate_30_firmware:10.0.0.203\\(c00e201r7p2\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22327,Huawei,0.00093,6.5,0.0,1.0,0.0,0.0,1,2021-04-28,1.0,2021-03-31,,,1.0,"There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],"['cpe:2.3:o:huawei:p30_firmware:10.0.0.186\\(c10e7r5p1\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.186\\(c461e4r3p1\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.188\\(c00e85r2p11\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.188\\(c01e88r2p11\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.188\\(c605e19r1p3\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.190\\(c185e4r7p1\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.190\\(c431e22r2p5\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.190\\(c432e22r2p5\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.190\\(c605e19r1p3\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.190\\(c636e4r3p4\\):*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:10.0.0.192\\(c635e3r2p4\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22330,Huawei,0.00062,6.5,0.0,1.0,0.0,0.0,1,2021-04-28,1.0,2021-03-31,,,1.0,"There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],"['cpe:2.3:o:huawei:p30_firmware:9.1.0.131\\(c00e130r1p21\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22338,Huawei,0.00081,5.3,0.0,1.0,0.0,0.0,1,2021-06-29,1.0,2021-04-21,,,1.0,"There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-611'],"['cpe:2.3:o:huawei:ecns280_firmware:v100r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ecns280_firmware:v100r005c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ecns280:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22396,Huawei,0.00042,7.8,0.0,1.0,0.0,0.0,1,2021-08-02,1.0,2021-07-14,,,1.0,"There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-269'],"['cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ecns280_td_firmware:v100r005c10:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ecns280_td:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ese620x_vess_firmware:v100r001c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ese620x_vess:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22398,Huawei,0.00056,4.6,0.0,1.0,0.0,0.0,1,2021-08-02,1.0,2021-07-14,,,1.0,There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1).,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.9,3.6,['CWE-863'],"['cpe:2.3:o:huawei:hulk-al00c_firmware:9.1.1.201\\(c00e201r8p1\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hulk-al00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:jennifer-an00c_firmware:10.1.1.171\\(c00e170r6p3\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:jennifer-an00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:jenny-al10b_firmware:10.1.0.228\\(c00e220r5p1\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:jenny-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:oxfordpl-an10b_firmware:10.1.0.116\\(c00e110r2p1\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:oxfordpl-an10b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22449,Huawei,0.0008,7.5,0.0,0.0,1.0,0.0,1,2021-08-23,1.0,2021-06-30,,,1.0,"There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:huawei:elf-g10hn:1.0.0.608:*:*:*:*:*:*:*'],0,0
CVE-2022-22259,Huawei,0.00062,6.8,0.0,1.0,0.0,0.0,1,2022-06-13,1.0,2022-04-06,,,1.0,There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim device.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-287'],"['cpe:2.3:o:huawei:flmg-10_firmware:10.0.1.0\\(h100sp22c00\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:flmg-10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-29797,Huawei,0.00226,9.8,0.0,1.0,0.0,0.0,1,2022-06-13,1.0,2022-04-27,,,1.0,There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:h:huawei:cv81-wdm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:*:*:*:*:*:*:*']",0,0
CVE-2016-5723,Huawei,0.00042,7.8,0.0,0.0,1.0,0.0,0,2016-06-24,1.0,2016-06-17,,,1.0,Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-264'],"['cpe:2.3:a:huawei:fusioninsight_hd:v100r002c30:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioninsight_hd:v100r002c50:*:*:*:*:*:*:*']",0,0
CVE-2016-5850,Huawei,0.00065,5.4,0.0,0.0,1.0,0.0,0,2016-07-12,1.0,2016-06-29,,,1.0,Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:huawei:public_cloud_solution:*:*:*:*:*:*:*:*'],0,0
CVE-2016-7110,Huawei,0.00327,9.8,0.0,0.0,1.0,0.0,0,2016-09-07,1.0,2016-08-24,,,1.0,"Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via ""special characters,"" a different vulnerability than CVE-2016-7109.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],['cpe:2.3:a:huawei:uma:*:*:*:*:*:*:*:*'],0,0
CVE-2016-8803,Huawei,0.00044,7.5,0.0,0.0,1.0,0.0,0,2017-04-02,1.0,2016-11-23,,,1.0,The maintenance module in Huawei FusionStorage V100R003C30U1 allows attackers to create documents according to special rules to obtain the OS root privilege of FusionStorage.,CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H,LOCAL,HIGH,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH,HIGH,0.8,6.0,['CWE-264'],['cpe:2.3:a:huawei:fusionstorage:v100r003c30u1:*:*:*:*:*:*:*'],0,0
CVE-2017-15313,Huawei,0.00164,8.8,0.0,0.0,1.0,0.0,0,2017-12-22,1.0,2017-12-01,,,1.0,Huawei SmartCare V200R003C10 has a CSV injection vulnerability. An remote authenticated attacker could inject malicious CSV expression to the affected device.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-74'],['cpe:2.3:a:huawei:smartcare:v200r003c10:*:*:*:*:*:*:*'],0,0
CVE-2017-15321,Huawei,0.00096,3.7,0.0,0.0,1.0,0.0,0,2017-12-22,1.0,2017-11-08,,,1.0,Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,NONE,NONE,LOW,2.2,1.4,['CWE-200'],['cpe:2.3:a:huawei:fusionsphere_openstack:v100r006c000spc102_\\(nfv\\):*:*:*:*:*:*:*'],0,0
CVE-2017-17321,Huawei,0.00042,3.3,0.0,1.0,0.0,0.0,0,2018-03-09,1.0,2018-03-09,,,1.0,"Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,LOW,1.8,1.4,['CWE-119'],"['cpe:2.3:o:huawei:ensp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ensp:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2709,Huawei,0.00063,5.5,0.0,0.0,1.0,0.0,0,2017-11-22,1.0,2017-09-13,,,1.0,"HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:a:huawei:higame:*:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:skytone:*:*:*:*:*:*:*:*']",0,0
CVE-2017-8124,Huawei,0.00245,9.8,0.0,0.0,1.0,0.0,0,2017-11-22,1.0,2017-06-12,,,1.0,The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],['cpe:2.3:a:huawei:uma:v200r001:*:*:*:*:*:*:*'],0,0
CVE-2017-8125,Huawei,0.00089,6.1,0.0,0.0,1.0,0.0,0,2017-11-22,1.0,2017-06-12,,,1.0,The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:huawei:uma:v200r001:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:uma:v300r001:*:*:*:*:*:*:*']",0,0
CVE-2017-8126,Huawei,0.00245,9.8,0.0,0.0,1.0,0.0,0,2017-11-22,1.0,2017-06-12,,,1.0,The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],['cpe:2.3:a:huawei:uma:v200r001:*:*:*:*:*:*:*'],0,0
CVE-2017-8127,Huawei,0.00089,6.1,0.0,0.0,1.0,0.0,0,2017-11-22,1.0,2017-06-12,,,1.0,The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:huawei:uma:v200r001:*:*:*:*:*:*:*'],0,0
CVE-2019-5238,Huawei,0.00072,7.8,0.0,0.0,1.0,0.0,0,2019-08-08,1.0,2019-07-10,,,1.0,Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:huawei:pcmanager\\(china\\):*:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:pcmanager\\(oversea\\):*:*:*:*:*:*:*:*']",0,0
CVE-2019-5263,Huawei,0.00044,5.5,0.0,0.0,1.0,0.0,0,2019-11-29,1.0,2019-08-21,,,1.0,HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-307'],"['cpe:2.3:a:huawei:hisuite:*:*:*:*:*:macos:*:*', 'cpe:2.3:a:huawei:hisuite:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:huawei:hwbackup:*:*:*:*:*:*:*:*']",0,0
CVE-2020-1828,Huawei,0.00103,7.5,0.0,1.0,0.0,0.0,0,2020-02-17,1.0,2020-02-12,,,1.0,"Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1847,Huawei,0.00103,7.5,0.0,1.0,0.0,0.0,0,2020-11-13,1.0,2020-01-11,,,1.0,"There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1873,Huawei,0.0011,7.5,0.0,1.0,0.0,0.0,0,2020-02-28,1.0,2020-02-19,,,1.0,"NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1874,Huawei,0.00044,5.5,0.0,1.0,0.0,0.0,0,2020-02-28,1.0,2020-02-19,,,1.0,NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-824'],"['cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6800_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-1883,Huawei,0.00081,4.9,0.0,1.0,0.0,0.0,0,2020-06-05,1.0,2020-06-03,,,1.0,Huawei products NIP6800;Secospace USG6600;USG9500 have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-401'],"['cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8840,Huawei,0.03042,9.8,0.0,1.0,0.0,0.0,0,2020-02-10,1.0,2020-06-10,,,0.0,"FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-502'],"['cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:oceanstor_9000_firmware:v300r006c20:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:oceanstor_9000_firmware:v300r006c20spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:oceanstor_9000_firmware:v300r006c20spc200:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:oceanstor_9000_firmware:v300r006c20spc300:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9072,Huawei,0.00042,6.7,0.0,1.0,0.0,0.0,0,2020-04-27,1.0,2020-04-22,,,1.0,"Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:huawei:osd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:osd_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9075,Huawei,0.00063,6.5,0.0,1.0,0.0,0.0,0,2020-06-15,1.0,2020-06-10,,,1.0,"Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10;V600R006C00 have a vulnerability of insufficient input verification. An attacker with limited privilege can exploit this vulnerability to access a specific directory. Successful exploitation of this vulnerability may lead to information leakage.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c10:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c50:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c80:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:usg6300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:usg6300e_firmware:v600r006c00:*:*:*:*:*:*:*']",0,0
CVE-2020-9078,Huawei,0.00042,7.8,0.0,0.0,1.0,0.0,0,2020-08-10,1.0,2020-08-05,,,1.0,"FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*'],0,0
CVE-2020-9091,Huawei,0.00044,5.5,0.0,1.0,0.0,0.0,0,2020-10-12,1.0,2020-09-30,,,1.0,Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:huawei:taurus-an00b_firmware:10.1.0.156\\(c00e155r7p2\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:taurus-an00b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22298,Huawei,0.00065,6.5,0.0,0.0,1.0,0.0,0,2021-02-06,1.0,2021-01-13,,,1.0,"There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Affected product versions include: ManageOne versions 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, 6.5.1.SPC100.B050, 6.5.1.SPC101.B010, 6.5.1.SPC101.B040, 6.5.1.SPC200, 6.5.1.SPC200.B010, 6.5.1.SPC200.B030, 6.5.1.SPC200.B040, 6.5.1.SPC200.B050, 6.5.1.SPC200.B060, 6.5.1.SPC200.B070, 6.5.1RC1.B070, 6.5.1RC1.B080, 6.5.1RC2.B040, 6.5.1RC2.B050, 6.5.1RC2.B060, 6.5.1RC2.B070, 6.5.1RC2.B080, 6.5.1RC2.B090.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:huawei:manageone:6.5.1.1:b020:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:b030:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:b040:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc1.b070:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc1.b080:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b040:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b050:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b060:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b070:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b080:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:rc2.b090:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc100.b050:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b010:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc101.b040:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b010:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b030:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b040:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b050:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b060:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:6.5.1.1:spc200.b070:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-22311,Huawei,0.00104,7.2,0.0,0.0,1.0,0.0,0,2021-03-22,1.0,2021-02-03,,,1.0,"There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-276'],"['cpe:2.3:a:huawei:manageone:8.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*']",0,0
CVE-2021-22340,Huawei,0.00044,4.1,0.0,0.0,1.0,0.0,0,2021-06-29,1.0,2021-04-28,,,1.0,"There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operations. Successful exploitation of this vulnerability may cause the system to crash. Affected product versions include: ManageOne 6.5.1.SPC200, 8.0.0,8.0.0-LCND81, 8.0.0.SPC100, 8.0.1,8.0.RC2, 8.0.RC3, 8.0.RC3.SPC100;SMC2.0 V600R019C10SPC700,V600R019C10SPC702, V600R019C10SPC703,V600R019C10SPC800, V600R019C10SPC900, V600R019C10SPC910, V600R019C10SPC920, V600R019C10SPC921, V600R019C10SPC922, V600R019C10SPC930, V600R019C10SPC931",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,HIGH,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.5,3.6,['CWE-362'],"['cpe:2.3:a:huawei:manageone:6.5.1:spc200:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:lcnd81:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:rc2:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:rc3:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:rc3.spc100:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.0:spc100:*:*:*:*:*:*', 'cpe:2.3:a:huawei:manageone:8.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc700:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc702:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc703:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc800:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc900:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc910:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc920:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc921:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc922:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc930:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:smc2.0:v600r019c10spc931:*:*:*:*:*:*:*']",0,0
CVE-2021-22341,Huawei,0.00081,4.9,0.0,1.0,0.0,0.0,0,2021-06-29,1.0,2021-05-06,,,1.0,"There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-401'],"['cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ips_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6300_firmware:v500r005c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nip6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c10spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc100:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00spc200:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22358,Huawei,0.00067,4.3,0.0,0.0,1.0,0.0,0,2021-05-27,1.0,2021-05-06,,,1.0,"There is an insufficient input validation vulnerability in FusionCompute 8.0.0. Due to the input validation is insufficient, an attacker can exploit this vulnerability to upload any files to the device. Successful exploit may cause the service abnormal.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,2.8,1.4,['CWE-20'],['cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*'],0,0
CVE-2021-22397,Huawei,0.00044,6.7,0.0,0.0,1.0,0.0,0,2021-08-02,1.0,2021-07-14,,,1.0,There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-20'],['cpe:2.3:a:huawei:manageone:8.0.0:-:*:*:*:*:*:*'],0,0
CVE-2021-22410,Huawei,0.00054,5.4,0.0,1.0,0.0,0.0,0,2021-11-23,1.0,2021-03-24,,,1.0,There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:huawei:imaster_nce-fabric:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:imaster_nce-fabric_firmware:v100r019c10:*:*:*:*:*:*:*']",0,0
CVE-2021-22439,Huawei,0.00175,8.1,0.0,0.0,1.0,0.0,0,2021-06-29,1.0,2021-06-19,,,1.0,"There is a deserialization vulnerability in Huawei AnyOffice V200R006C10. An attacker can construct a specific request to exploit this vulnerability. Successfully exploiting this vulnerability, the attacker can execute remote malicious code injection and to control the device.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-502'],['cpe:2.3:a:huawei:anyoffice:v200r006c10:*:*:*:*:*:*:*'],0,0
CVE-2021-37102,Huawei,0.00125,8.8,0.0,0.0,1.0,0.0,0,2021-11-23,1.0,2021-09-22,,,1.0,"There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. Affected product versions include: FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:a:huawei:fusioncompute:6.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-37106,Huawei,0.00125,7.2,0.0,0.0,1.0,0.0,0,2021-09-28,1.0,2021-09-22,,,1.0,"There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:a:huawei:fusioncompute:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:huawei:fusioncompute:8.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-40046,Huawei,0.00201,9.8,0.0,0.0,1.0,0.0,0,2022-02-25,1.0,2022-02-16,,,1.0,PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:huawei:pcmanager:11.1.1.95:*:*:*:*:*:*:*'],0,0
CVE-2016-3161,Nvidia,0.00052,7.8,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-3161 ID is for the GameStream unquoted service path.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4959,Nvidia,0.00427,7.5,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4960,Nvidia,0.00052,7.3,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.",CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-20'],"['cpe:2.3:a:nvidia:geforce_experience:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4961,Nvidia,0.00052,5.5,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5025,Nvidia,0.00052,6.6,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,HIGH,MEDIUM,1.8,4.7,['CWE-20'],"['cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5852,Nvidia,0.00052,7.8,0.0,1.0,1.0,0.0,1,2016-11-08,1.0,2016-08-19,,,1.0,"For the NVIDIA Quadro, NVS, and GeForce products, GFE GameStream and NVTray Plugin unquoted service path vulnerabilities are examples of the unquoted service path vulnerability in Windows. A successful exploit of a vulnerable service installation can enable malicious code to execute on the system at the system/user privilege level. The CVE-2016-5852 ID is for the NVTray Plugin unquoted service path.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_910m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_920mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_930mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_940mx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_945m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_965m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_315:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_510:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvs_810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_k620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6915,Nvidia,0.00059,7.8,0.0,1.0,0.0,1.0,1,2017-04-24,1.0,2016-12-09,,,1.0,"Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*', 'cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6916,Nvidia,0.00042,7.8,0.0,1.0,0.0,1.0,1,2017-04-24,1.0,2016-12-09,,,1.0,"Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*', 'cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6917,Nvidia,0.00059,7.8,0.0,1.0,0.0,1.0,1,2017-04-24,1.0,2016-12-09,,,1.0,"Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*', 'cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*']",0,0
CVE-2017-0866,Nvidia,0.00044,7.8,0.0,1.0,0.0,1.0,1,2017-11-16,1.0,2017-11-08,,,1.0,An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-38415808. References: N-CVE-2017-0866.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:h:nvidia:tegra_x1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:tegra_x1_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14491,Nvidia,0.30287,9.8,1.0,1.0,1.0,1.0,1,2017-10-04,1.0,2017-10-16,,,0.0,Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*', 'cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*']",1,1
CVE-2017-6273,Nvidia,0.00044,7.8,0.0,1.0,0.0,1.0,1,2017-10-17,1.0,2017-10-25,,,0.0,"NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader component where there is the potential to write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:nvidia:adsp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tegra_jetson_l4t:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6278,Nvidia,0.00044,7.8,0.0,1.0,0.0,1.0,1,2018-03-26,1.0,2018-06-08,,,0.0,"NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:jetson_tk1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:tegra_k1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tegra_k1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6282,Nvidia,0.00044,7.8,0.0,1.0,0.0,1.0,1,2018-03-06,1.0,2018-02-15,,,1.0,NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-123'],"['cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6283,Nvidia,0.00044,5.5,0.0,1.0,0.0,1.0,1,2018-03-06,1.0,2018-02-15,,,1.0,NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6284,Nvidia,0.00044,5.5,0.0,1.0,0.0,1.0,1,2018-03-06,1.0,2018-02-15,,,1.0,NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],"['cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6295,Nvidia,0.00044,8.4,0.0,1.0,0.0,1.0,1,2018-03-06,1.0,2018-02-15,,,1.0,"NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,HIGH,HIGH,2.0,5.8,['CWE-125'],"['cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6296,Nvidia,0.00044,7.0,0.0,1.0,0.0,1.0,1,2018-03-06,1.0,2018-02-15,,,1.0,NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate.,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3639,Nvidia,0.00251,5.5,1.0,0.0,1.0,0.0,1,2018-05-22,1.0,2019-04-02,,,0.0,"Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-203'],"['cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:32nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:45nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:32nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:45nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:32nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:45nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:32nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:45nm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium:n4000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium:n4100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium:n4200:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver:j5005:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver:n5000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:125c_:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1220_:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1275_:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:3600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:5600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:7500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5502:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5503:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5504:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5506:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5507:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e5540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e6510:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e6540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:e6550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l3403:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l3406:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l3426:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l5506:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l5508_:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l5518_:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l5520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:l5530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:w5580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:w5590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3430:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3440:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3470:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x3480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x5550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x5560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:x5570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85115:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85118:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85119t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85120:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85120t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:85122:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86126:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86126f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86126t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86128:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86130f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86130t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86132:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86134:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86134m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86136:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86138:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86138f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86138t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86140:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86140m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86142:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86142f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86142m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86144:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86146:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86148:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86148f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86152:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:86154:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a:15:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a:57:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a:72:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:siemens:itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc1500:3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc1500_pro:3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc1900:3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc1900_pro:3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc2200:3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:itc2200_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:itc2200_pro:3:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:local_service_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:ruggedcom_ape_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:ruggedcom_ape:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_et_200_sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_et_200_sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc3000_smart:2:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc827c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_840_d_sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_840_d_sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_pcu_50.5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_pcu_50.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_tcu_30.3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_tcu_30.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinema_remote_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:micloud_management_portal:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:mivoic_mx-one:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:mivoice_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:mivoice_border_gateway:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:mivoice_business:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:mivoice_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:a:mitel:open_integration_gateway:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:cloud_global_management_system:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:email_security:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:global_management_system:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:secure_mobile_access:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:web_application_firewall:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sonicwall:sonicosv:-:*:*:*:*:*:*:*', 'cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface:-:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_book:-:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_book:2:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_pro:3:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_pro:4:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_pro:1796:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_pro_with_lte_advanced:1807:*:*:*:*:*:*:*', 'cpe:2.3:h:microsoft:surface_studio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*']",1,1
CVE-2018-6242,Nvidia,0.00079,6.8,0.0,1.0,1.0,0.0,1,2018-05-01,0.0,,1.0,2018-04-24,,Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code.,CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-119'],"['cpe:2.3:a:nvidia:tegra_bootrom_rcm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tegra_mobile_processor:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5679,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-08-06,1.0,2019-08-02,,,1.0,"NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-287'],"['cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*']",0,0
CVE-2019-5681,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-08-13,1.0,2019-08-02,,,1.0,"NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*']",0,0
CVE-2019-5682,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-08-06,1.0,2019-08-02,,,1.0,"NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*']",0,0
CVE-2019-5699,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-10-09,1.0,2019-10-07,,,1.0,"NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*']",0,0
CVE-2019-5700,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-10-09,1.0,2019-10-07,,,1.0,"NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*']",0,0
CVE-2016-7391,Nvidia,0.00063,7.8,1.0,0.0,1.0,0.0,0,2016-11-08,1.0,2017-03-09,,,0.0,"For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-264'],"['cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*']",1,1
CVE-2016-8806,Nvidia,0.00063,7.8,1.0,0.0,1.0,0.0,0,2016-11-08,1.0,2017-03-09,,,0.0,"For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-264'],"['cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*']",1,1
CVE-2016-8823,Nvidia,0.00063,7.8,0.0,0.0,1.0,0.0,0,2016-12-16,1.0,2017-03-09,,,0.0,All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where the size of an input buffer is not validated leading to a denial of service or possible escalation of privileges,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2017-0323,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2017-02-15,1.0,2017-04-04,,,0.0,All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-476'],"['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2017-0353,Nvidia,0.00044,5.5,0.0,0.0,1.0,0.0,0,2017-05-09,1.0,2017-09-25,,,0.0,All versions of the NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgDdiEscape where due to improper locking on certain conditions may lead to a denial of service,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*'],0,0
CVE-2017-6252,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2017-07-28,1.0,2017-07-31,,,0.0,NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to a denial of service or potential escalation of privileges.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-476'],"['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6266,Nvidia,0.00044,5.5,0.0,0.0,1.0,0.0,0,2017-09-22,1.0,2017-09-25,,,0.0,NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6251,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2018-04-02,1.0,2018-04-26,,,0.0,"NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6253,Nvidia,0.00052,5.5,0.0,0.0,1.0,0.0,0,2018-04-02,1.0,2018-04-26,,,0.0,NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-835'],"['cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5665,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2019-02-27,1.0,2019-03-19,,,0.0,"NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which the stereo service software, when opening a file, does not check for hard links. This behavior may lead to code execution, denial of service or escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-59'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_driver:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5672,Nvidia,0.00168,9.1,0.0,0.0,1.0,0.0,0,2019-04-11,1.0,2019-04-02,,,1.0,"NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-320'],"['cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*']",0,0
CVE-2019-5675,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2019-05-10,1.0,2019-05-30,,,0.0,"NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-662'],['cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:windows:*:*'],0,0
CVE-2019-5680,Nvidia,0.00077,6.7,0.0,1.0,0.0,1.0,0,2019-07-19,1.0,2019-08-02,,,0.0,"In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-20'],"['cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-5689,Nvidia,0.00042,7.8,0.0,0.0,1.0,0.0,0,2019-11-09,1.0,2019-11-06,,,1.0,"NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5701,Nvidia,0.00076,7.8,0.0,0.0,1.0,0.0,0,2019-11-09,1.0,2019-11-06,,,1.0,"NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*'],0,0
CVE-2020-11615,Nvidia,0.00168,7.5,0.0,1.0,0.0,0.0,0,2020-10-29,1.0,2020-12-01,,,0.0,"NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5968,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-06-30,1.0,2020-07-16,,,0.0,"NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5973,Nvidia,0.00044,4.4,0.0,0.0,1.0,0.0,0,2020-06-30,1.0,2020-07-16,,,0.0,"NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*']",0,0
CVE-2020-5974,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-07-08,1.0,2020-07-08,,,1.0,"NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-276'],"['cpe:2.3:a:nvidia:jetpack_software_development_kit:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:jetpack_software_development_kit:4.3:*:*:*:*:*:*:*']",0,0
CVE-2021-1058,Nvidia,0.00044,7.1,0.0,0.0,1.0,0.0,0,2021-01-08,1.0,2021-01-25,,,0.0,"NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,1.8,5.2,['CWE-1284'],"['cpe:2.3:o:citrix:hypervisor:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nutanix:ahv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_kernel-based_virtual_machine:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vmware:vsphere:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1076,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2021-04-21,1.0,2021-07-15,,,0.0,"NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2021-1079,Nvidia,0.00042,6.1,0.0,0.0,1.0,0.0,0,2021-04-20,1.0,2021-04-16,,,1.0,"NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. The attacker does not have control over the consequence of a modification nor would they be able to leak information as a direct result of the overwrite.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH,MEDIUM,1.8,4.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1107,Nvidia,0.00044,7.8,0.0,1.0,1.0,1.0,0,2021-08-11,1.0,2021-08-04,,,1.0,"NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1109,Nvidia,0.00044,6.3,0.0,1.0,0.0,1.0,0,2021-08-11,1.0,2021-08-04,,,1.0,"NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,1.0,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1115,Nvidia,0.00042,6.5,0.0,0.0,1.0,0.0,0,2021-10-27,1.0,2021-11-02,,,0.0,"NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,MEDIUM,2.0,4.0,['CWE-476'],"['cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-23217,Nvidia,0.00044,7.5,0.0,1.0,0.0,0.0,0,2021-11-20,0.0,,1.0,2021-11-19,,"NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,HIGH,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,0.8,6.0,['NVD-CWE-noinfo'],"['cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23219,Nvidia,0.00044,4.1,0.0,1.0,0.0,0.0,0,2021-11-20,0.0,,1.0,2021-11-19,,"NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.5,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34375,Nvidia,0.00044,6.7,0.0,1.0,0.0,1.0,0,2021-06-30,1.0,2021-07-15,,,0.0,"Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34404,Nvidia,0.0007,7.6,0.0,0.0,1.0,0.0,0,2022-01-18,1.0,2022-01-12,,,1.0,"Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,0.9,6.0,['NVD-CWE-noinfo'],"['cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28181,Nvidia,0.0019,8.5,0.0,0.0,1.0,0.0,0,2022-05-17,1.0,2022-05-24,,,0.0,"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-787'],"['cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*']",0,0
CVE-2022-28184,Nvidia,0.00044,7.8,0.0,0.0,1.0,0.0,0,2022-05-17,1.0,2022-05-24,,,0.0,"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-noinfo', 'CWE-284']","['cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:linux:*:*', 'cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*']",0,0
CVE-2022-28186,Nvidia,0.00044,6.1,0.0,0.0,1.0,0.0,0,2022-05-17,1.0,2022-05-24,,,0.0,"NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH,MEDIUM,1.8,4.2,['CWE-20'],"['cpe:2.3:a:nvidia:gpu_display_driver:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:virtual_gpu:14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28195,Nvidia,0.00043,5.7,0.0,1.0,0.0,1.0,0,2022-04-27,1.0,2022-04-26,,,1.0,"NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L,LOCAL,LOW,HIGH,NONE,CHANGED,LOW,LOW,LOW,MEDIUM,1.5,3.7,"['CWE-190', 'CWE-20']","['cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28197,Nvidia,0.00043,5.0,0.0,1.0,0.0,1.0,0,2022-04-27,1.0,2022-04-26,,,1.0,"NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L,LOCAL,HIGH,HIGH,NONE,CHANGED,LOW,LOW,LOW,MEDIUM,0.8,3.7,['CWE-190'],"['cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28200,Nvidia,0.00042,8.2,0.0,1.0,0.0,1.0,0,2022-07-02,1.0,2022-06-07,,,1.0,"NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.5,6.0,"['CWE-787', 'CWE-119']","['cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2016-4496,Panasonic,0.00052,4.2,0.0,0.0,1.0,0.0,1,2016-05-12,1.0,2018-08-23,,,0.0,"Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow.",CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,0.8,3.4,['CWE-119'],['cpe:2.3:a:panasonic:fpwin_pro:-:*:*:*:*:*:*:*'],0,0
CVE-2016-4497,Panasonic,0.0007,4.2,0.0,0.0,1.0,0.0,1,2016-05-12,1.0,2018-08-23,,,0.0,"Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage ""type confusion.""",CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,0.8,3.4,['CWE-20'],['cpe:2.3:a:panasonic:fpwin_pro:-:*:*:*:*:*:*:*'],0,0
CVE-2016-4498,Panasonic,0.00212,5.5,0.0,0.0,1.0,0.0,1,2016-05-12,1.0,2018-08-23,,,0.0,"Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,2.1,3.4,['CWE-20'],['cpe:2.3:a:panasonic:fpwin_pro:-:*:*:*:*:*:*:*'],0,0
CVE-2016-4499,Panasonic,0.00068,4.2,0.0,0.0,1.0,0.0,1,2016-05-12,1.0,2018-08-23,,,0.0,Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.,CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,0.8,3.4,['CWE-119'],['cpe:2.3:a:panasonic:fpwin_pro:-:*:*:*:*:*:*:*'],0,0
CVE-2017-2131,Panasonic,0.00056,5.3,0.0,1.0,0.0,1.0,1,2017-10-20,1.0,2017-10-17,,,1.0,Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:o:panasonic:kx-hjb1000_firmware:ghx1yg_14.50:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:kx-hjb1000_firmware:hjb1000_4.47:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:kx-hjb1000:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2132,Panasonic,0.00136,7.5,0.0,1.0,0.0,1.0,1,2017-10-20,1.0,2017-10-17,,,1.0,Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:panasonic:kx-hjb1000_firmware:ghx1yg_14.50:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:kx-hjb1000_firmware:hjb1000_4.47:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:kx-hjb1000:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2133,Panasonic,0.00095,8.8,0.0,1.0,0.0,1.0,1,2017-10-20,1.0,2017-10-17,,,1.0,SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-89'],"['cpe:2.3:o:panasonic:kx-hjb1000_firmware:ghx1yg_14.50:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:kx-hjb1000_firmware:hjb1000_4.47:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:kx-hjb1000:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5151,Panasonic,0.00274,7.3,0.0,0.0,1.0,0.0,1,2017-02-13,1.0,2017-01-19,,,1.0,"An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,HIGH,3.9,3.4,['CWE-89'],['cpe:2.3:a:panasonic:video_insight_web_client:*:*:*:*:*:*:*:*'],0,0
CVE-2018-0676,Panasonic,0.00076,8.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-11-20,,,1.0,BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-287'],"['cpe:2.3:o:panasonic:bn-sdwbp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:bn-sdwbp3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0677,Panasonic,0.00044,6.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-11-20,,,1.0,BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:panasonic:bn-sdwbp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:bn-sdwbp3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0678,Panasonic,0.00044,6.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-11-20,,,1.0,Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors.,CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-119'],"['cpe:2.3:o:panasonic:bn-sdwbp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:bn-sdwbp3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16183,Panasonic,0.00081,7.8,0.0,0.0,1.0,0.0,1,2019-01-09,1.0,2018-11-29,,,1.0,"An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-428'],"['cpe:2.3:a:panasonic:system_interface_device_0021:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8:*:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*', 'cpe:2.3:a:panasonic:system_interface_device_0040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_8:*:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*']",0,0
CVE-2019-15376,Panasonic,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Panasonic Eluga Ray 530 Android device with a build fingerprint of Panasonic/ELUGA_Ray_530/ELUGA_Ray_530:8.1.0/O11019/1531828974:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:panasonic:eluga_ray_530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_ray_530:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15378,Panasonic,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGA_Ray_600/ELUGA_Ray_600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:panasonic:eluga_ray_600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_ray_600:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15429,Panasonic,0.00044,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. This capability can be accessed by any app co-located on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-610'],"['cpe:2.3:o:panasonic:eluga_i9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_i9:-:*:*:*:*:*:*:*']",0,0
CVE-2019-6530,Panasonic,0.01066,7.8,0.0,0.0,1.0,0.0,1,2019-06-07,1.0,2019-06-10,,,0.0,"Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-787', 'CWE-122']",['cpe:2.3:a:panasonic:control_fpwin_pro:*:*:*:*:*:*:*:*'],0,0
CVE-2019-6532,Panasonic,0.00311,7.8,0.0,0.0,1.0,0.0,1,2019-06-07,1.0,2019-06-10,,,0.0,Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-843'],['cpe:2.3:a:panasonic:control_fpwin_pro:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16236,Panasonic,0.00104,7.8,0.0,0.0,1.0,0.0,1,2021-01-26,1.0,2021-01-12,,,1.0,"FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-125'],['cpe:2.3:a:panasonic:fpwin_pro:*:*:*:*:*:*:*:*'],0,0
CVE-2021-32972,Panasonic,0.00063,5.5,0.0,0.0,1.0,0.0,1,2021-07-09,1.0,2021-06-29,,,1.0,"Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-611'],['cpe:2.3:a:panasonic:fpwin_pro:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5996,Panasonic,0.0011,8.8,0.0,0.0,1.0,0.0,0,2019-09-12,1.0,2019-09-02,,,1.0,SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-89'],['cpe:2.3:a:panasonic:video_insight_vms:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5997,Panasonic,0.00349,9.8,0.0,0.0,1.0,0.0,0,2020-05-20,1.0,2020-06-25,,,0.0,"Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vectors.
",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],['cpe:2.3:a:panasonic:video_insight_vms:*:*:*:*:*:*:*:*'],0,0
CVE-2020-11715,Panasonic,0.00263,9.8,0.0,1.0,0.0,1.0,0,2020-05-19,0.0,,0.0,,,"Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at ""End-of-software-support.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:panasonic:p99_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:p99:-:*:*:*:*:*:*:*']",0,0
CVE-2020-11716,Panasonic,0.00222,9.8,0.0,1.0,0.0,1.0,0,2020-05-20,0.0,,0.0,,,"Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at ""End-of-software-support.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-276'],"['cpe:2.3:h:panasonic:eluga_ray_530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:eluga_ray_530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_ray_600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:eluga_ray_600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:p110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:p110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:eluga_z1_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_z1_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:eluga_x1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_x1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:panasonic:eluga_x1_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:eluga_x1_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2020-29193,Panasonic,0.00077,6.8,0.0,1.0,0.0,1.0,0,2020-12-28,0.0,,0.0,,,Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order).,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-798'],"['cpe:2.3:o:panasonic:wv-s2231l_firmware:4.25:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:wv-s2231l:-:*:*:*:*:*:*:*']",0,0
CVE-2020-29194,Panasonic,0.00134,7.5,0.0,1.0,0.0,1.0,0,2020-12-28,0.0,,0.0,,,Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:panasonic:wv-s2231l_firmware:4.25:*:*:*:*:*:*:*', 'cpe:2.3:h:panasonic:wv-s2231l:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20623,Panasonic,0.01444,9.8,0.0,0.0,1.0,0.0,0,2021-02-05,1.0,2021-02-04,,,1.0,Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-319'],['cpe:2.3:a:panasonic:video_insight_vms:*:*:*:*:*:*:*:*'],0,0
CVE-2016-4507,Bosch,0.0009,6.4,0.0,0.0,1.0,0.0,1,2016-07-06,1.0,2016-07-05,,,1.0,SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE,MEDIUM,3.1,2.7,['CWE-89'],['cpe:2.3:a:bosch:bladecontrol-webvis:*:*:*:*:*:*:*:*'],0,0
CVE-2016-4508,Bosch,0.00275,6.1,0.0,0.0,1.0,0.0,1,2016-07-06,1.0,2016-07-05,,,1.0,Cross-site scripting (XSS) vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:bosch:bladecontrol-webvis:*:*:*:*:*:*:*:*'],0,0
CVE-2018-19036,Bosch,0.00303,9.8,0.0,1.0,0.0,1.0,1,2018-12-17,1.0,2018-12-21,,,0.0,An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:bosch:common_product_platform_4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:extegra_ip_dynamic_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:extegra_ip_starlight_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panormic_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:common_product_platform_6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_8000_12mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_ultra_8000_12mp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_180_iva:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000_12mp_360_iva:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_180_iva:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000_12mp_360_iva:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:common_product_platform_7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:common_product_platform_7.3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11601,Bosch,0.00184,7.5,0.0,0.0,1.0,0.0,1,2019-08-21,1.0,2019-08-19,,,1.0,A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:a:bosch:iot_gateway_software:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:prosyst_mbs_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11602,Bosch,0.00154,5.3,0.0,0.0,1.0,0.0,1,2019-08-21,1.0,2019-08-19,,,1.0,Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-209'],"['cpe:2.3:a:bosch:iot_gateway_software:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:prosyst_mbs_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11603,Bosch,0.00761,7.5,0.0,0.0,1.0,0.0,1,2019-08-21,1.0,2019-08-19,,,1.0,A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:a:bosch:iot_gateway_software:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:prosyst_mbs_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11897,Bosch,0.00755,8.6,0.0,0.0,1.0,0.0,1,2019-08-21,1.0,2019-08-19,,,1.0,"A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,NONE,NONE,HIGH,3.9,4.0,['CWE-918'],"['cpe:2.3:a:bosch:iot_gateway_software:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:prosyst_mbs_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-6957,Bosch,0.0036,9.8,0.0,1.0,1.0,1.0,1,2019-05-29,1.0,2019-04-03,,,1.0,"A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The vulnerability potentially allows the unauthorized execution of code in the system via the network interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_client:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.5:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.6:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:configuration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_sdk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_7000:gen1:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_7000:gen2:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.8.5:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.1:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2019-6958,Bosch,0.00168,9.1,0.0,1.0,1.0,1.0,1,2019-05-29,1.0,2019-04-03,,,1.0,"A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The RCP+ network port allows access without authentication. Adding authentication feature to the respective library fixes the issue. The issue is classified as ""CWE-284: Improper Access Control."" This vulnerability, for example, allows a potential attacker to delete video or read video data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-306'],"['cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_client:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.5:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.6:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:4.6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:configuration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_sdk:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dip_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_7000:gen1:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dip_7000:gen2:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.8.5:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.1:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:2.1.9.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7728,Bosch,0.00107,7.5,0.0,0.0,1.0,0.0,1,2019-02-22,1.0,2019-02-14,,,1.0,"An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-295'],['cpe:2.3:a:bosch:smart_camera:*:*:*:*:*:android:*:*'],0,0
CVE-2019-7729,Bosch,0.00044,3.3,0.0,0.0,1.0,0.0,1,2019-02-22,1.0,2019-02-14,,,1.0,"An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-732'],['cpe:2.3:a:bosch:smart_camera:*:*:*:*:*:android:*:*'],0,0
CVE-2020-6767,Bosch,0.00218,6.5,0.0,1.0,1.0,0.0,1,2020-02-06,1.0,2020-01-31,,,1.0,"A path traversal vulnerability in the Bosch Video Management System (BVMS) FileTransferService allows an authenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6768,Bosch,0.00446,7.5,0.0,1.0,1.0,0.0,1,2020-02-07,1.0,2020-02-11,,,0.0,"A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6769,Bosch,0.00544,9.1,0.0,1.0,1.0,1.0,1,2020-02-07,1.0,2020-01-29,,,1.0,"Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 <= 6.45.08, 6.44 <= 6.44.022, 6.43 <= 6.43.0023 and 6.42.10 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable VSG version is installed with BVMS. This affects Bosch DIVAR IP 2000 <= 3.62.0019 and DIVAR IP 5000 <= 3.80.0039 if the corresponding port 8023 has been opened in the device's firewall.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-306'],"['cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6771,Bosch,0.00072,7.8,0.0,0.0,1.0,0.0,1,2021-03-25,0.0,,1.0,2021-03-24,,Loading a DLL through an Uncontrolled Search Path Element in Bosch IP Helper up to and including version 1.00.0008 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same application directory as the portable IP Helper application.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:bosch:ip_helper:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6785,Bosch,0.00072,7.8,0.0,0.0,1.0,0.0,1,2021-03-25,1.0,2021-03-24,,,1.0,"Loading a DLL through an Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer in versions 10.1.0, 10.0.1, 10.0.0 and 9.0.0 and older potentially allows an attacker to execute arbitrary code on a victim's system. This affects both the installer as well as the installed application. This also affects Bosch DIVAR IP 7000 R2, Bosch DIVAR IP all-in-one 5000 and Bosch DIVAR IP all-in-one 7000 with installers and installed BVMS versions prior to BVMS 10.1.1.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_all-in-one_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_all-in-one_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6790,Bosch,0.00072,7.8,0.0,0.0,1.0,0.0,1,2021-03-25,1.0,2021-03-24,,,1.0,Calling an executable through an Uncontrolled Search Path Element in the Bosch Video Streaming Gateway installer up to and including version 6.45.10 potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious exe in the same directory where the installer is started from.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:bosch:video_streaming_gateway:*:*:*:*:*:*:*:*'],0,0
CVE-2021-23848,Bosch,0.00078,6.1,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-09,,,1.0,"An error in the URL handler Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute javascript code in the context of the user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:bosch:cpp4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23852,Bosch,0.00081,4.9,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-09,,,1.0,An authenticated attacker with administrator rights Bosch IP cameras can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-400'],"['cpe:2.3:o:bosch:cpp4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23853,Bosch,0.00222,9.8,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-09,,,1.0,"In Bosch IP cameras, improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:bosch:cpp4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23854,Bosch,0.00078,6.1,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-09,,,1.0,An error in the handling of a page parameter in Bosch IP cameras may lead to a reflected cross site scripting (XSS) in the web-based interface. This issue only affects versions 7.7x and 7.6x. All other versions are not affected.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:bosch:cpp6_firmware:7.62:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.62:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.62:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:7.75:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:7.76:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23856,Bosch,0.00078,6.1,0.0,1.0,0.0,1.0,1,2021-10-04,1.0,2021-10-04,,,1.0,The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:bosch:rexroth_indramotion_mlc_l20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l40:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23857,Bosch,0.00309,9.8,0.0,1.0,0.0,1.0,1,2021-10-04,1.0,2021-10-04,,,1.0,"Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-287', 'CWE-836']","['cpe:2.3:o:bosch:rexroth_indramotion_mlc_l20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l25_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l25:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l45_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l45:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l65_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l75:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_l85_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_l85:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm22_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm41_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm41:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm42_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm42:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:rexroth_indramotion_xlc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:rexroth_indramotion_xlc:-:*:*:*:*:*:*:*']",0,0
CVE-2022-32535,Bosch,0.00201,9.8,0.0,1.0,0.0,1.0,1,2022-06-23,1.0,2022-06-22,,,1.0,The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-269', 'CWE-250']","['cpe:2.3:h:bosch:pra-es8p2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:pra-es8p2s_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-32536,Bosch,0.00104,8.8,0.0,1.0,0.0,1.0,1,2022-06-23,1.0,2022-06-22,,,1.0,The user access rights validation in the web server of the Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 was insufficient. This would allow a non-administrator user to obtain administrator user access rights.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-269'],"['cpe:2.3:o:bosch:pra-es8p2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:pra-es8p2s:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20299,Bosch,0.00381,9.8,0.0,1.0,0.0,0.0,0,2018-12-19,1.0,2018-12-18,,,1.0,"An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:h:bosch:360-indoor_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:360-indoor_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:eyes_outdoor_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:eyes_outdoor_camera_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11684,Bosch,0.00178,9.8,0.0,0.0,1.0,1.0,0,2021-02-26,1.0,2019-05-22,,,1.0,"Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component allows arbitrary and unauthenticated access to a limited subset of certificates, stored in the underlying Microsoft Windows operating system. The fixed versions implement modified authentication checks. Prior releases of VRM software version 3.70 are considered unaffected. This vulnerability affects VRM v3.70.x, v3.71 < v3.71.0034 and v3.81 < 3.81.0050; DIVAR IP 5000 3.80 < 3.80.0039; BVMS all versions using VRM.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.70.0056:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.70.0058:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.70.0060:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.70.0062:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.71.0022:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.71.0029:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.71.0031:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.71.0032:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.81.0032:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.81.0038:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:3.81.0048:*:*:*:*:*:*:*']",0,0
CVE-2019-11894,Bosch,0.00066,5.7,0.0,1.0,0.0,1.0,0,2019-05-29,1.0,2019-04-17,,,1.0,"A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed.",CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.1,3.6,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:o:bosch:smart_home_controller_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:smart_home_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11898,Bosch,0.00104,9.9,0.0,0.0,1.0,0.0,0,2019-09-12,1.0,2019-09-11,,,1.0,Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-798'],['cpe:2.3:a:bosch:access:*:*:*:*:professional:*:*:*'],0,0
CVE-2019-11899,Bosch,0.00168,7.5,0.0,0.0,1.0,0.0,0,2019-09-12,1.0,2019-09-11,,,1.0,"An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. With Bosch Access Professional Edition (APE) 3.8, client installations need to be authorized by the APE administrator.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:bosch:access:*:*:*:*:professional:*:*:*'],0,0
CVE-2019-8951,Bosch,0.00315,6.1,0.0,0.0,1.0,1.0,0,2019-05-13,1.0,2019-04-03,,,1.0,"An Open Redirect vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote attacker to redirect users to an arbitrary URL. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and newer). Affected software products: Video Recording Manager (VRM) (vulnerable versions: 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.70.0056 and newer; 3.81.0032 and newer), Bosch Video Management System (BVMS) (vulnerable versions: 3.50.00XX; 3.55.00XX; 3.60.00XX; fixed versions: 7.5; 3.70.0056).",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],"['cpe:2.3:h:bosch:divar_ip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2019-8952,Bosch,0.00221,6.5,0.0,0.0,1.0,1.0,0,2019-05-13,1.0,2019-04-03,,,1.0,"A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files on the system via the network interface. Affected hardware products: Bosch DIVAR IP 2000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.62.0019 and newer), Bosch DIVAR IP 5000 (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; fixed versions: 3.80.0033 and newer). Affected software products: Video Recording Manager (VRM) (vulnerable versions: 3.10; 3.20; 3.21; 3.50; 3.51; 3.55; 3.60; 3.61; 3.62; 3.70; 3.71 before 3.71.0032 ; fixed versions: 3.71.0032; 3.81.0032 and newer), Bosch Video Management System (BVMS) (vulnerable versions: 3.50.00XX; 3.55.00XX; 3.60.00XX; 3.70.0056; fixed versions: 7.5; 3.71.0032).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:o:bosch:divar_ip_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6776,Bosch,0.00084,8.8,0.0,1.0,0.0,1.0,0,2021-01-14,1.0,2020-09-30,,,1.0,"A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (Cross-Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or submitting a malicious form. A successful exploit allows the attacker to perform arbitrary actions with the privileges of the victim, e.g. creating and modifying user accounts, changing system configuration settings and cause DoS conditions. Note: For Bosch PRAESIDEO 4.31 and newer and Bosch PRAESENSA in all versions, the confidentiality impact is considered low because user credentials are not shown in the web interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:bosch:praesideo_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:praesideo:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:praesensa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:praesensa:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6779,Bosch,0.00889,10.0,0.0,1.0,0.0,1.0,0,2021-01-26,1.0,2021-01-20,,,1.0,"Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges. This may result in complete compromise of the confidentiality and integrity of the stored data as well as a high availability impact on the database itself. In addition, an attacker may execute arbitrary commands on the underlying operating system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-798'],"['cpe:2.3:h:bosch:fsm-2500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:fsm-2500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:fsm-5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:fsm-5000_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6780,Bosch,0.0013,4.9,0.0,1.0,0.0,1.0,0,2021-01-26,1.0,2021-01-20,,,1.0,Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-916'],"['cpe:2.3:o:bosch:fsm-2500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:fsm-2500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:fsm-5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:fsm-5000:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6781,Bosch,0.00087,7.4,0.0,0.0,1.0,0.0,0,2020-09-16,1.0,2020-08-25,,,1.0,Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.2,5.2,['CWE-295'],['cpe:2.3:a:bosch:smart_home:*:*:*:*:*:iphone_os:*:*'],0,0
CVE-2020-6786,Bosch,0.00072,7.8,0.0,0.0,1.0,0.0,0,2021-03-25,1.0,2021-03-24,,,1.0,"Loading a DLL through an Uncontrolled Search Path Element in the Bosch Video Recording Manager installer up to and including version 3.82.0055 for 3.82, up to and including version 3.81.0064 for 3.81 and 3.71 and older potentially allows an attacker to execute arbitrary code on a victim's system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2021-23842,Bosch,0.00044,7.1,0.0,1.0,1.0,1.0,0,2022-01-19,1.0,2022-01-28,,,0.0,"Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,1.8,5.2,"['CWE-798', 'CWE-321']","['cpe:2.3:o:bosch:amc2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:amc2:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:access_management_system:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*']",0,0
CVE-2021-23843,Bosch,0.00044,7.8,0.0,1.0,1.0,1.0,0,2022-01-19,1.0,2022-01-28,,,0.0,"The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-306'],"['cpe:2.3:o:bosch:amc2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:amc2:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:access_management_system:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*']",0,0
CVE-2021-23845,Bosch,0.00426,8.8,0.0,1.0,0.0,1.0,0,2021-06-18,1.0,2021-05-28,,,1.0,"This vulnerability could allow an attacker to hijack a session while a user is logged in the configuration web page. This vulnerability was discovered by a security researcher in B426 and found during internal product tests in B426-CN/B429-CN, and B426-M and has been fixed already starting from version 3.08 on, which was released on June 2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-noinfo', 'CWE-284']","['cpe:2.3:o:bosch:b426_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:b426:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b426-cn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:b426-cn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b429-cn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:b429-cn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b426-m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:b426-m:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23846,Bosch,0.00273,5.9,0.0,1.0,0.0,1.0,0,2021-06-18,1.0,2021-05-28,,,1.0,"When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-319'],"['cpe:2.3:o:bosch:b426_firmware:03.01.0004:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b426_firmware:03.02.002:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b426_firmware:03.03.0009:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:b426_firmware:03.05.0003:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:b426:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23847,Bosch,0.0031,9.1,0.0,1.0,0.0,1.0,0,2021-06-09,1.0,2021-06-09,,,1.0,"A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,"['CWE-306', 'CWE-287']","['cpe:2.3:o:bosch:cpp6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23849,Bosch,0.00088,8.8,0.0,1.0,0.0,1.0,0,2021-08-05,1.0,2021-10-07,,,0.0,A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:bosch:cpp4_firmware:7.10:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.60:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.61:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp6_firmware:7.80:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:aviotec:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:aviotec_firmware:7.61:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:aviotec_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.60:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.61:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7_firmware:7.80:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp7.3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.60:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.61:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.62:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.70:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.72:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.73:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp7.3_firmware:7.80:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp13_firmware:7.75:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:cpp14:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:cpp14_firmware:8.00:*:*:*:*:*:*:*']",0,0
CVE-2021-23850,Bosch,0.00167,7.2,0.0,1.0,0.0,1.0,0,2022-03-30,1.0,2022-04-08,,,0.0,A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-120', 'CWE-121']","['cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_starlight_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_starlight_7000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_3000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_3000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_6000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_3000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_3000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_8000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_8000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7100i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7100i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_ultra_7100i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_ultra_7100i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_fusion_9000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_6000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_7000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_thermal_8000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_6000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_7000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_thermal_9000_rm_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_thermal_9000_rm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:aviotec_ip_starlight_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_ultra_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_ultra_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_6000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_7000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_imager_9000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_4000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_7000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_corner_9000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_2000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_2000_ip_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_4000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_4000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_5000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_bullet_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_bullet_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_micro_2000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_micro_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_micro_2000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_micro_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_dynamic_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:tinyon_ip_2000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23851,Bosch,0.00165,7.2,0.0,1.0,0.0,1.0,0,2022-03-30,1.0,2022-04-08,,,0.0,A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-120', 'CWE-121']","['cpe:2.3:o:bosch:autodome_ip_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_starlight_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_starlight_7000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_starlight_7000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_3000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_3000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_6000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_6000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_3000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_3000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_4000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_4000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_5000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_5000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_8000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_8000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7100i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7100i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_ultra_7100i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_ultra_7100i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_fusion_9000i_firmware:cpp7.3:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_fusion_9000i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_6000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_7000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_thermal_8000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_thermal_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_6000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_starlight_7000_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_thermal_9000_rm_firmware:cpp7:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_thermal_9000_rm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:aviotec_ip_starlight_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:aviotec_ip_starlight_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_ultra_8000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_ultra_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_6000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_7000_firmware:cpp6:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_ip_5000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_ip_5000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:autodome_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:autodome_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_imager_9000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_imager_9000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_4000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_bullet_5000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_bullet_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:dinion_ip_starlight_7000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:dinion_ip_starlight_7000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_corner_9000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_corner_9000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_1080p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_1080p_hdr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_1080p_hdr_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:vandal-proof_flexidome_hd_720p_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:vandal-proof_flexidome_hd_720p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_2000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_2000_ip_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_2000_ip:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_4000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_4000_ir_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_4000_ir:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_indoor_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_indoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_micro_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_micro_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_outdoor_5000_mp_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_outdoor_5000_mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:flexidome_ip_panoramic_5000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:flexidome_ip_panoramic_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_bullet_4000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_4000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_bullet_5000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_bullet_5000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_micro_2000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_micro_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:ip_micro_2000_hd_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:ip_micro_2000_hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_dynamic_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_dynamic_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:mic_ip_starlight_7000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:mic_ip_starlight_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:tinyon_ip_2000_firmware:cpp4:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:tinyon_ip_2000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23859,Bosch,0.0011,7.5,0.0,1.0,1.0,1.0,0,2021-12-08,1.0,2021-12-08,,,1.0,"An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local accessible lowering the CVSS base score. For a list of modified CVSS scores, please see the official Bosch Advisory Appendix chapter Modified CVSS Scores for CVE-2021-23859",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-755', 'CWE-703']","['cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:10.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:access_easy_controller_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:access_easy_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:access_professional_edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:building_integration_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager_exporter:*:*:*:*:*:*:*:*']",0,0
CVE-2021-23860,Bosch,0.00078,6.1,0.0,0.0,1.0,1.0,0,2021-12-08,1.0,2021-12-08,,,1.0,An error in a page handler of the VRM may lead to a reflected cross site scripting (XSS) in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:bosch:divar_ip_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:10.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2021-23861,Bosch,0.00081,6.5,0.0,0.0,1.0,1.0,0,2021-12-08,1.0,2021-12-08,,,1.0,"By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,1.2,5.2,"['NVD-CWE-Other', 'CWE-489']","['cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:10.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_7000_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2021-23862,Bosch,0.00155,7.2,0.0,1.0,1.0,1.0,0,2021-12-08,1.0,2021-12-08,,,1.0,"A crafted configuration packet sent by an authenticated administrative user can be used to execute arbitrary commands in system context. This issue also affects installations of the VRM, DIVAR IP, BVMS with VRM installed, the VIDEOJET decoder (VJD-7513 and VJD-8000).",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-78', 'CWE-20']","['cpe:2.3:o:bosch:divar_ip_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:divar_ip_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:10.1:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:bosch_video_management_system:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bosch:video_recording_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:videojet_decoder_7513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:videojet_decoder_7513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:videojet_decoder_8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bosch:videojet_decoder_8000_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-32534,Bosch,0.00191,9.8,0.0,1.0,0.0,1.0,0,2022-06-23,1.0,2022-06-22,,,1.0,The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-20']","['cpe:2.3:o:bosch:pra-es8p2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:bosch:pra-es8p2s:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5081,Zmodo,0.00536,9.8,0.0,1.0,0.0,0.0,1,2016-08-24,1.0,2016-08-12,,,1.0,"ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:zmodo:zp-ibh-13w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zmodo:zp-ne-14-s:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5650,Zmodo,0.00199,7.5,0.0,1.0,0.0,0.0,1,2016-08-24,1.0,2016-08-12,,,1.0,"ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote attackers to trigger association with an arbitrary access point by using a recognized SSID value.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-284'],"['cpe:2.3:h:zmodo:zp-ibh-13w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zmodo:zp-ne-14-s:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5639,Crestron Electronics,0.0084,7.5,1.0,0.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:crestron:airmedia_am-100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:airmedia_am-100:-:*:*:*:*:*:*:*']",1,1
CVE-2016-5640,Crestron Electronics,0.00494,9.8,0.0,0.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:crestron:airmedia_am-100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:airmedia_am-100:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5666,Crestron Electronics,0.00319,9.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,"Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5667,Crestron Electronics,0.00319,9.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5668,Crestron Electronics,0.00319,9.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5669,Crestron Electronics,0.00184,9.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,"Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5670,Crestron Electronics,0.00335,9.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,"Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-255'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5671,Crestron Electronics,0.00103,8.8,0.0,1.0,0.0,1.0,1,2016-08-03,1.0,2016-08-01,,,1.0,Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of arbitrary users.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:crestron:dm-txrx-100-str_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16709,Crestron Electronics,0.67815,7.2,1.0,0.0,0.0,1.0,1,2018-07-11,1.0,2018-06-30,,,1.0,Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:crestron:airmedia_am-100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:airmedia_am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:airmedia_am-101_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:airmedia_am-101:-:*:*:*:*:*:*:*']",1,1
CVE-2018-11228,Crestron Electronics,0.03648,9.8,0.0,1.0,0.0,1.0,1,2018-06-08,1.0,2018-05-30,,,1.0,"Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],"['cpe:2.3:o:crestron:crestron_toolbox_protocol_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dmc-str:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11229,Crestron Electronics,0.04084,9.8,0.0,1.0,0.0,1.0,1,2018-06-08,1.0,2018-05-30,,,1.0,"Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:crestron:crestron_toolbox_protocol_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dmc-str:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5553,Crestron Electronics,0.00368,9.8,0.0,1.0,0.0,1.0,1,2018-07-10,1.0,2018-06-04,,,1.0,"The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:crestron:dge-100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dge-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:dm-dge-200-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-dge-200-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:ts-1542-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:ts-1542-c:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18184,Crestron Electronics,0.02048,9.8,0.0,1.0,0.0,1.0,1,2019-11-27,0.0,,0.0,,,Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:crestron:dmc-stro_firmware:1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dmc-stro:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3925,Crestron Electronics,0.00758,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-79']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3926,Crestron Electronics,0.00758,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-79']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3927,Crestron Electronics,0.0141,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 anyone can change the administrator and moderator passwords via the iso.3.6.1.4.1.3212.100.3.2.8.1 and iso.3.6.1.4.1.3212.100.3.2.8.2 OIDs. A remote, unauthenticated attacker can use this vulnerability to change the admin or moderator user's password and gain access to restricted areas on the HTTP interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-287', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3928,Crestron Electronics,0.00162,5.3,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become the presenter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3929,Crestron Electronics,0.97362,9.8,1.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-79']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*']",2,1
CVE-2019-3930,Crestron Electronics,0.01699,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*', 'cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*', 'cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3931,Crestron Electronics,0.00111,8.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately execute code as root.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-88'],"['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3932,Crestron Electronics,0.00998,9.8,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-798', 'CWE-249']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3933,Crestron Electronics,0.00192,5.3,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-425', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3934,Crestron Electronics,0.00252,5.3,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-425', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3935,Crestron Electronics,0.00857,7.5,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3936,Crestron Electronics,0.00217,7.5,0.0,1.0,0.0,1.0,1,2019-04-30,0.0,,1.0,2019-01-05,,"Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a ""stopped"" state. A remote, unauthenticated attacker can use this vulnerability to stop an active slideshow.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-noinfo', 'CWE-284']","['cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10630,Crestron Electronics,0.00304,9.8,0.0,1.0,0.0,1.0,0,2018-08-10,1.0,2018-08-09,,,1.0,"For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-287', 'CWE-284']","['cpe:2.3:o:crestron:tsw-x60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:mc3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:mc3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-13341,Crestron Electronics,0.00769,8.8,0.0,1.0,0.0,0.0,0,2018-08-10,1.0,2018-08-09,,,1.0,"Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:crestron:tsw-x60_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-1060-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-560-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc-b-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-nc-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:tsw-760-w-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:mc3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:mc3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3910,Crestron Electronics,0.00266,9.1,0.0,0.0,0.0,1.0,0,2019-01-18,0.0,,0.0,,,Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:h:crestron:airmedia_am-100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:airmedia_am-100_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-16839,Crestron Electronics,0.00092,7.5,0.0,1.0,0.0,1.0,0,2021-07-30,0.0,,0.0,,,"On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed by sending an unauthenticated WebSocket request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:h:crestron:dm-nvx-dir-80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:dm-nvx-dir-80_firmware:1.0.1.788:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-nvx-dir-160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:dm-nvx-dir-160_firmware:1.0.1.788:*:*:*:*:*:*:*', 'cpe:2.3:h:crestron:dm-nvx-dir-ent:-:*:*:*:*:*:*:*', 'cpe:2.3:o:crestron:dm-nvx-dir-ent_firmware:1.0.1.788:*:*:*:*:*:*:*']",0,0
CVE-2022-34100,Crestron Electronics,0.00104,8.8,0.0,0.0,1.0,0.0,0,2022-09-13,1.0,2022-09-09,,,1.0,"A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file structure during a repair operation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:crestron:airmedia:4.3.1.39:*:*:*:*:windows:*:*'],0,0
CVE-2022-34101,Crestron Electronics,0.00076,7.8,0.0,0.0,1.0,0.0,0,2022-09-13,1.0,2022-09-09,,,1.0,"A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:crestron:airmedia:4.3.1.39:*:*:*:*:windows:*:*'],0,0
CVE-2022-34102,Crestron Electronics,0.00087,8.8,0.0,0.0,1.0,0.0,0,2022-09-13,1.0,2022-09-09,,,1.0,"Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],['cpe:2.3:a:crestron:airmedia:4.3.1.39:*:*:*:*:windows:*:*'],0,0
CVE-2022-40298,Crestron Electronics,0.00104,8.8,0.0,0.0,1.0,0.0,0,2022-09-23,1.0,2022-09-16,,,1.0,"Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-732'],['cpe:2.3:a:crestron:airmedia:4.3.1.39:*:*:*:*:windows:*:*'],0,0
CVE-2016-5681,D-Link,0.02915,9.8,0.0,1.0,0.0,1.0,1,2016-08-25,1.0,2016-08-11,,,1.0,"Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-868l:b1:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-822_firmware:3.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-822:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-880l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-880l:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-850l_firmare:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-850l:b1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-895l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-895l:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-817l\\(w\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-817l\\(w\\):ax:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-818l\\(w\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-818l\\(w\\):ax:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-890l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-890l:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-823_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-823:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-885l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-885l:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-868l:c1:*:*:*:*:*:*:*']",0,0
CVE-2016-6563,D-Link,0.96689,9.8,1.0,1.0,0.0,1.0,1,2018-07-13,1.0,2016-11-07,,,1.0,"Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-119', 'CWE-121']","['cpe:2.3:o:dlink:dir-823_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-822_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-818l\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-818l\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-895l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-890l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-885l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-880l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-868l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-850l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*']",1,1
CVE-2017-10676,D-Link,0.00113,6.1,0.0,1.0,0.0,0.0,1,2017-07-20,1.0,2017-07-20,,,1.0,"On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was found in the form2userconfig.cgi username parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:d-link:dir-600m_firmware:fw3.05b01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17020,D-Link,0.01055,8.8,1.0,1.0,0.0,1.0,1,2018-05-01,1.0,2019-11-11,,,0.0,"On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dcs-5009_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dcs-5009:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dcs-5010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dcs-5010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dcs-5020l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dcs-5020l:-:*:*:*:*:*:*:*']",1,0
CVE-2017-6411,D-Link,0.00164,8.8,1.0,1.0,0.0,1.0,1,2017-03-06,0.0,,1.0,2017-03-01,,Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:dlink:dsl-2730u_firmware:in_1.00:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-2730u:-:*:*:*:*:*:*:*']",1,0
CVE-2017-9100,D-Link,0.35145,8.8,0.0,1.0,0.0,1.0,1,2017-05-21,0.0,,0.0,,,login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-287'],"['cpe:2.3:o:dlink:dir-600m_firmware:3.04:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9675,D-Link,0.01516,7.5,1.0,0.0,0.0,1.0,1,2017-06-15,0.0,,0.0,,,"On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:dlink:dir-605l_firmware:2.08b01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:*']",1,1
CVE-2018-12103,D-Link,0.00065,6.5,0.0,1.0,0.0,1.0,1,2018-07-05,0.0,,1.0,2018-11-16,,"An issue was discovered on D-Link DIR-890L with firmware 1.21B02beta01 and earlier, DIR-885L/R with firmware 1.21B03beta01 and earlier, and DIR-895L/R with firmware 1.21B04beta04 and earlier devices (all hardware revisions). Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-863'],"['cpe:2.3:o:dlink:dir-890l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-885l\\/r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:d-link:dir-885\\/r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:d-link:dir-895l\\/r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:d-link:dir-895\\/r:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15839,D-Link,0.68403,9.8,1.0,1.0,0.0,1.0,1,2018-08-28,0.0,,0.0,,,D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_firmware:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17065,D-Link,0.00438,9.8,0.0,1.0,0.0,1.0,1,2018-09-15,0.0,,0.0,,,"An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:dlink:dir-816_a2_firmware:1.10_b05:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-816_a2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17067,D-Link,0.00438,9.8,0.0,1.0,0.0,1.0,1,2018-09-15,0.0,,0.0,,,An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:dlink:dir-816_a2_firmware:1.10_b05:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-816_a2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17989,D-Link,0.00082,5.4,0.0,1.0,0.0,1.0,1,2019-04-01,1.0,2019-01-24,,,1.0,"A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when ""/cgi-bin/New_GUI/Acl.asp"" is requested.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:dlink:dsl-3782_firmware:1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6210,D-Link,0.00515,9.8,0.0,0.0,0.0,1.0,1,2018-06-19,0.0,,0.0,,,"D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:dlink:dir-620:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-620_firmware:1.0.37:*:*:*:*:*:*:*']",0,0
CVE-2019-12767,D-Link,0.00257,9.8,0.0,1.0,0.0,0.0,1,2020-03-21,0.0,,0.0,,,An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:dlink:dap-1650:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-1650_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-13482,D-Link,0.00191,8.8,0.0,1.0,0.0,0.0,1,2019-07-10,0.0,,0.0,,,An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-818lw_firmware:2.06:betab01:*:*:*:*:*:*']",0,0
CVE-2019-13563,D-Link,0.00298,8.8,0.0,1.0,0.0,1.0,1,2019-07-11,0.0,,0.0,,,D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:dlink:dir-655_firmware:3.02b05:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-655:c1:*:*:*:*:*:*:*']",0,0
CVE-2019-17353,D-Link,0.00218,8.2,0.0,1.0,0.0,1.0,1,2019-10-09,0.0,,0.0,,,"An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,HIGH,NONE,HIGH,3.9,4.2,['CWE-306'],"['cpe:2.3:o:dlink:dir-615_firmware:20.05:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_firmware:20.07:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17509,D-Link,0.04982,9.8,0.0,1.0,0.0,1.0,1,2019-10-11,0.0,,0.0,,,D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetMasterWLanSettings with shell metacharacters to /squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dir-846_firmware:100a35:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-846:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18852,D-Link,0.00621,9.8,0.0,1.0,0.0,1.0,1,2019-11-11,0.0,,0.0,,,"Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-319'],"['cpe:2.3:o:dlink:dir-600_b1_firmware:2.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-600_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_j1_firmware:100:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-615_j1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-645_a1_firmware:1.03:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-645_a1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-815_a1_firmware:1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-815_a1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-823_a1_firmware:1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-823_a1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-842_c1_firmware:3.00:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-842_c1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-890l_a1_firmware:1.03:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-890l_a1:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13136,D-Link,0.00445,7.5,0.0,1.0,0.0,1.0,1,2020-05-18,0.0,,1.0,2019-12-29,,D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:dlink:dsp-w215_firmware:1.26b03:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsp-w215:a1:*:*:*:*:*:*:*']",0,0
CVE-2020-13960,D-Link,0.00203,7.5,0.0,1.0,0.0,1.0,1,2020-06-08,0.0,,0.0,,,"D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:dlink:dsl-2730u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dsl-2730u_firmware:in_1.10:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-600m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-600m_firmware:3.04:*:*:*:*:*:*:*']",0,0
CVE-2020-6765,D-Link,0.00118,7.2,0.0,1.0,0.0,1.0,1,2020-04-10,1.0,2020-04-09,,,1.0,"D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metacharacters after a supported CLI command, as demonstrated by ping -c1 127.0.0.1; cat/etc/passwd. The CLI is reachable by TELNET.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:h:dlink:dsl-gs225:j1:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dsl-gs225_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6841,D-Link,0.02406,9.8,0.0,1.0,0.0,1.0,1,2020-02-21,0.0,,1.0,2018-04-30,,D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:dlink:dch-m225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dch-m225_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8861,D-Link,0.00316,8.8,0.0,1.0,0.0,1.0,1,2020-02-22,1.0,2019-12-26,,,1.0,This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of cookies. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9554.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-287', 'CWE-303']","['cpe:2.3:o:dlink:dap-1330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-1330_firmware:1.10b01:beta:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1330:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27248,D-Link,0.00293,8.8,0.0,1.0,0.0,0.0,1,2021-04-14,1.0,2021-06-10,,,0.0,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10932.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-121'],"['cpe:2.3:h:dlink:dap-2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2020_firmware:1.01:rc001:*:*:*:*:*:*']",0,0
CVE-2021-28144,D-Link,0.03308,8.8,0.0,1.0,0.0,1.0,1,2021-03-11,1.0,2021-03-08,,,1.0,"prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:dlink:dir-3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-3060_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28839,D-Link,0.00175,7.5,0.0,1.0,0.0,1.0,1,2021-08-10,0.0,,1.0,2021-01-11,,"Null Pointer Dereference vulnerability exists in D-Link DAP-2310 2.07.RC031, DAP-2330 1.07.RC028, DAP-2360 2.07.RC043, DAP-2553 3.06.RC027, DAP-2660 1.13.RC074, DAP-2690 3.16.RC100, DAP-2695 1.17.RC063, DAP-3320 1.01.RC014 and DAP-3662 1.01.RC022 in the upload_certificate function of sbin/httpd binary. When the binary handle the specific HTTP GET request, the strrchr in the upload_certificate function would take NULL as first argument, and incur the NULL pointer dereference vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:dlink:dap-2310_firmware:2.0.7.rc031:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2330_firmware:1.07.rc028:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2360_firmware:2.07.rc043:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2553_firmware:3.06.rc027:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2660_firmware:1.13.rc074:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2690_firmware:3.16.rc100:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-2695_firmware:1.17.rc063:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-3320_firmware:1.01.rc014:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-3320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-3662_firmware:1.01.rc022:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-3662:-:*:*:*:*:*:*:*']",0,0
CVE-2021-29294,D-Link,0.00114,7.5,0.0,1.0,0.0,1.0,1,2021-08-10,0.0,,1.0,2021-03-22,,"Null Pointer Dereference vulnerability exists in D-Link DSL-2740R UK_1.01, which could let a remove malicious user cause a denial of service via the send_hnap_unauthorized function. It could be triggered by sending crafted POST request to /HNAP1/. NOTE: The DSL-2740R and all hardware revisions are considered End of Life and as such this issue will not be patched",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:dlink:dsl-2740r_firmware:uk_1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-2740r:-:*:*:*:*:*:*:*']",0,0
CVE-2021-30072,D-Link,0.0023,9.8,0.0,1.0,0.0,1.0,1,2021-04-02,1.0,2021-04-12,,,0.0,"An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-878:ax:*:*:*:*:*:*:*']",0,0
CVE-2021-40284,D-Link,0.00114,6.5,0.0,1.0,0.0,1.0,1,2021-09-09,1.0,2021-08-26,,,1.0,"D-Link DSL-3782 EU v1.01:EU v1.03 is affected by a buffer overflow which can cause a denial of service. This vulnerability exists in the web interface ""/cgi-bin/New_GUI/Igmp.asp"". Authenticated remote attackers can trigger this vulnerability by sending a long string in parameter 'igmpsnoopEnable' via an HTTP request.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-120'],"['cpe:2.3:o:dlink:dsl-3782_firmware:eu_1.01:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dsl-3782_firmware:eu_1.03:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*']",0,0
CVE-2021-42627,D-Link,0.21954,9.8,0.0,1.0,0.0,1.0,1,2022-08-23,0.0,,0.0,,,"The WAN configuration page ""wan.htm"" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-Other'],"['cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-615_j1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_j1_firmware:20.06:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-615_t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615_t1_firmware:20.06:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-615jx10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-615jx10_firmware:20.06:*:*:*:*:*:*:*']",0,0
CVE-2021-44127,D-Link,0.00286,9.8,0.0,1.0,0.0,0.0,1,2022-03-27,0.0,,0.0,,,"In DLink DAP-1360 F1 firmware version <=v6.10 in the ""webupg"" binary, an attacker can use the ""file"" parameter to execute arbitrary system commands when the parameter is ""name=deleteFile"" after being authorized.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-1360f1_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-44880,D-Link,0.00715,9.8,0.0,1.0,0.0,1.0,1,2022-02-04,0.0,,1.0,2022-02-15,,D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were discovered to contain a command injection vulnerability in the system function. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-878_firmware:1.30b08:hotfix_02_beta:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-882_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dir-882_firmware:1.30b06:hotfix_02_beta:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26670,D-Link,0.0005,8.8,0.0,1.0,0.0,1.0,1,2022-04-07,1.0,2022-03-31,,,1.0,D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. An unauthenticated LAN attacker can perform command injection attack to execute arbitrary system commands to control the system or disrupt service.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*']",0,0
CVE-2022-32092,D-Link,0.00214,9.8,0.0,1.0,0.0,1.0,1,2022-06-27,0.0,,0.0,,,D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dir-645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-645:-:*:*:*:*:*:*:*']",0,0
CVE-2016-11021,D-Link,0.96267,7.2,0.0,1.0,0.0,1.0,0,2020-03-09,0.0,,0.0,,,setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dcs-930l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dcs-930l:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9284,D-Link,0.01559,9.8,0.0,1.0,0.0,0.0,0,2018-04-04,1.0,2018-02-08,,,1.0,authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:dlink:singapore_starhub_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12774,D-Link,0.00044,6.7,0.0,1.0,0.0,1.0,0,2020-07-22,1.0,2020-07-22,,,1.0,"D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dsl-7740c_firmware:v6.tr069.20180723:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-7740c:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15892,D-Link,0.00324,9.8,0.0,1.0,0.0,0.0,0,2020-07-22,0.0,,1.0,2020-09-24,,"An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi binary. On the login page, the web interface restricts the password input field to a fixed length of 15 characters. The problem is that validation is being done on the client side, hence it can be bypassed. When an attacker manages to intercept the login request (POST based) and tampers with the vulnerable parameter (log_pass), to a larger length, the request will be forwarded to the webserver. This results in a stack-based buffer overflow. A few other POST variables, (transferred as part of the login request) are also vulnerable: html_response_page and log_user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-669'],"['cpe:2.3:h:dlink:dap-1520:a1:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-1520_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-27864,D-Link,0.00279,8.8,0.0,1.0,0.0,1.0,0,2021-02-12,0.0,,1.0,2020-01-11,,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the Authorization request header, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10880.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:o:dlink:dap-1860_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1860:ax:*:*:*:*:*:*:*']",0,0
CVE-2020-27865,D-Link,0.00135,8.8,0.0,1.0,0.0,1.0,0,2021-02-12,0.0,,1.0,2020-01-11,,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the device. Was ZDI-CAN-10894.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-288', 'CWE-287']","['cpe:2.3:o:dlink:dap-1860_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1860:ax:*:*:*:*:*:*:*']",0,0
CVE-2021-20694,D-Link,0.00224,8.8,0.0,1.0,0.0,1.0,0,2021-04-26,1.0,2021-04-09,,,1.0,Improper access control vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to bypass access restriction and to start a telnet service via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:dlink:dap-1880ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1880ac:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20695,D-Link,0.00264,8.8,0.0,1.0,0.0,1.0,0,2021-04-26,1.0,2021-04-09,,,1.0,Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to gain root privileges via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-295'],"['cpe:2.3:o:dlink:dap-1880ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1880ac:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20696,D-Link,0.00578,8.8,0.0,1.0,0.0,1.0,0,2021-04-26,1.0,2021-04-09,,,1.0,DAP-1880AC firmware version 1.21 and earlier allows a remote authenticated attacker to execute arbitrary OS commands by sending a specially crafted request to a specific CGI program.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dap-1880ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1880ac:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20697,D-Link,0.00535,9.8,0.0,1.0,0.0,1.0,0,2021-04-26,1.0,2021-04-09,,,1.0,Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier allows a remote attacker to login to the device as an authenticated user without the access privilege via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:h:dlink:dap-1880ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:dap-1880ac_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-3182,D-Link,0.00044,8.0,0.0,1.0,0.0,1.0,0,2021-01-19,0.0,,1.0,2021-01-28,,D-Link DCS-5220 devices have a buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,"['CWE-787', 'CWE-120']","['cpe:2.3:o:dlink:dcs-5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dcs-5220:-:*:*:*:*:*:*:*']",0,0
CVE-2021-46378,D-Link,0.01681,7.5,1.0,1.0,0.0,1.0,0,2022-03-04,0.0,,0.0,,,DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an unauthenticated remote configuration download.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-425'],"['cpe:2.3:o:dlink:dir-850l_firmware:1.08trb03:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*']",1,0
CVE-2022-29328,D-Link,0.00202,9.8,0.0,1.0,0.0,1.0,0,2022-05-10,0.0,,0.0,,,D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:dlink:dap-1330_firmware:1.00.b21:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1330:-:*:*:*:*:*:*:*']",0,0
CVE-2022-29329,D-Link,0.00202,9.8,0.0,1.0,0.0,1.0,0,2022-05-10,0.0,,0.0,,,D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:dlink:dap-1330_firmware:1.00.b21:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1330:-:*:*:*:*:*:*:*']",0,0
CVE-2022-31414,D-Link,0.00904,7.5,0.0,1.0,0.0,0.0,0,2022-09-07,0.0,,0.0,,,D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:dlink:dir-1960_firmware:1.11:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-1960:a1:*:*:*:*:*:*:*']",0,0
CVE-2022-34973,D-Link,0.00093,7.5,0.0,0.0,0.0,1.0,0,2022-08-03,0.0,,0.0,,,D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:dlink:dir820la1_firmware:106b02:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir820la1:-:*:*:*:*:*:*:*']",0,0
CVE-2022-34974,D-Link,0.00214,9.8,0.0,0.0,0.0,1.0,0,2022-08-03,0.0,,0.0,,,D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:dlink:dir820la1_firmware:102b22:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir820la1:-:*:*:*:*:*:*:*']",0,0
CVE-2022-35191,D-Link,0.00678,6.5,0.0,1.0,0.0,1.0,0,2022-08-23,0.0,,0.0,,,D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-404'],"['cpe:2.3:o:dlink:dsl-3782_firmware:1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*']",0,0
CVE-2022-35192,D-Link,0.00251,7.5,0.0,1.0,0.0,1.0,0,2022-08-26,0.0,,0.0,,,D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:dlink:dsl-3782_firmware:1.01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*']",0,0
CVE-2022-35620,D-Link,0.00999,9.8,0.0,0.0,0.0,1.0,0,2022-08-03,0.0,,0.0,,,D-LINK DIR-818LW A1:DIR818L_FW105b01 was discovered to contain a remote code execution (RCE) vulnerability via the function binary.soapcgi_main.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:dlink:dir-818l_firmware:105b01:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-818l:-:*:*:*:*:*:*:*']",0,0
CVE-2022-36588,D-Link,0.0033,9.8,0.0,1.0,0.0,1.0,0,2022-09-08,0.0,,0.0,,,"In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:dlink:dap-1650_firmware:1.04b02_j65h:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dap-1650:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37055,D-Link,0.00202,9.8,0.0,0.0,0.0,1.0,0,2022-08-28,0.0,,0.0,,,"D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:dlink:go-rt-ac750_firmware:reva_1.01b03:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:go-rt-ac750_firmware:revb_2.00b02:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:go-rt-ac750:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37056,D-Link,0.00164,9.8,0.0,0.0,0.0,1.0,0,2022-08-28,0.0,,0.0,,,"D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:dlink:go-rt-ac750_firmware:reva_1.01b03:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:go-rt-ac750_firmware:revb_2.00b02:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:go-rt-ac750:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37057,D-Link,0.00164,9.8,0.0,0.0,0.0,1.0,0,2022-08-28,0.0,,0.0,,,"D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:dlink:go-rt-ac750_firmware:reva_1.01b03:*:*:*:*:*:*:*', 'cpe:2.3:o:dlink:go-rt-ac750_firmware:revb_2.00b02:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:go-rt-ac750:-:*:*:*:*:*:*:*']",0,0
CVE-2022-38258,D-Link,0.00092,8.1,0.0,0.0,0.0,1.0,0,2022-09-08,0.0,,0.0,,,A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH,HIGH,2.8,5.2,['CWE-22'],"['cpe:2.3:o:dlink:dir-819_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-819:-:*:*:*:*:*:*:*']",0,0
CVE-2016-5685,Dell,0.00099,8.8,0.0,1.0,0.0,1.0,1,2016-11-29,1.0,2016-10-31,,,1.0,Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-74'],"['cpe:2.3:o:dell:idrac7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:idrac7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:idrac8:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6257,Dell,0.00206,6.5,0.0,1.0,0.0,1.0,1,2016-08-02,0.0,,0.0,,,"The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a ""KeyJack injection attack.""",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-310'],"['cpe:2.3:o:amazonbasics:firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:usb_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km714_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km632_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lenovo:ultraslim_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_wireless_keyboard:-:*:*:*:*:*:*:*']",0,0
CVE-2016-6646,Dell,0.04906,9.8,0.0,0.0,1.0,0.0,1,2016-10-05,1.0,2016-10-04,,,1.0,The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:a:dell:emc_unisphere:8.0:*:*:*:*:vmax:*:*', 'cpe:2.3:a:dell:emc_unisphere:8.1:*:*:*:*:vmax:*:*', 'cpe:2.3:a:dell:emc_unisphere:8.1.2:*:*:*:*:vmax:*:*', 'cpe:2.3:a:dell:emc_unisphere:8.2:*:*:*:*:vmax:*:*', 'cpe:2.3:a:emc:solutions_enabler:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:solutions_enabler:8.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:solutions_enabler:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:solutions_enabler:8.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:solutions_enabler:8.3:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:unisphere:8.0.3:*:*:*:*:vmax:*:*']",0,0
CVE-2017-14375,Dell,0.01365,9.8,0.0,0.0,1.0,0.0,1,2017-11-01,1.0,2017-10-30,,,1.0,"EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-290'],"['cpe:2.3:a:dell:emc_unisphere:*:*:*:*:*:vmax:*:*', 'cpe:2.3:a:emc:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:vasa:*:*:*:*:*:*:*:*', 'cpe:2.3:a:emc:vmax_emanagement:*:*:*:*:*:*:*:*']",0,0
CVE-2017-15361,Dell,0.00376,5.9,0.0,1.0,0.0,0.0,1,2017-10-16,0.0,,0.0,,,"The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*', 'cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*']",0,0
CVE-2017-2802,Dell,0.00111,7.8,0.0,0.0,1.0,0.0,1,2018-04-24,0.0,,0.0,,,An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:dell:precision_optimizer:3.5.5.0:*:*:*:*:*:*:*'],0,0
CVE-2017-8011,Dell,0.00694,9.8,0.0,0.0,1.0,0.0,1,2017-07-17,0.0,,1.0,2017-07-11,,"EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:a:dell:emc_m\\&r:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_storage_monitoring_and_reporting:4.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnx_monitoring_and_reporting:-:*:*:*:*:*:*:*']",0,0
CVE-2018-1183,Dell,0.00206,9.8,0.0,0.0,1.0,0.0,1,2018-04-30,1.0,2018-04-25,,,1.0,"In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-611'],"['cpe:2.3:a:dell:emc_smis:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_unisphere:*:*:*:*:*:vmax_virtual_appliance:*:*', 'cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vasa_provider_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:3.7:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:3.7.1:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:3.7.2:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:4.0:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:4.0.1:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:4.0.2:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vipr_srm:4.0.3:*:*:*:*:windows:*:*', 'cpe:2.3:a:dell:emc_vmax_embedded_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vmax_enas:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vmax_enas:8.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnx1_operating_environment:05.32.000.5.225:*:*:*:*:block:*:*', 'cpe:2.3:a:dell:emc_vnx1_operating_environment:7.1.82.0:*:*:*:*:file:*:*', 'cpe:2.3:a:dell:emc_vnx2_operating_environment:*:*:*:*:*:block:*:*', 'cpe:2.3:a:dell:emc_vnx2_operating_environment:*:*:*:*:*:file:*:*', 'cpe:2.3:a:dell:emc_vnxe_3100_operating_environment:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnxe_3150_operating_environment:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnxe_3300__operating_environment:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnxe1600_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vnxe3200_operating_environment:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_xtremio:4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_xtremio:4.0.2:*:*:*:*:*:*:*']",0,0
CVE-2018-1216,Dell,0.01231,9.8,0.0,0.0,1.0,0.0,1,2018-03-08,1.0,2018-02-13,,,1.0,"A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). They contain an undocumented default account (smc) with a hard-coded password that may be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the message format may use vulnerable servlets to gain unauthorized access to the system. Note: This account cannot be used to log in via the web user interface.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:a:dell:emc_solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_unisphere_for_vmax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vasa_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_vmax_embedded_management:*:*:*:*:*:*:*:*']",0,0
CVE-2018-1243,Dell,0.00272,7.5,0.0,0.0,0.0,1.0,1,2018-07-02,0.0,,0.0,,,"Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for remote attackers to perform bruteforce session guessing attacks.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-358'],"['cpe:2.3:o:dell:idrac6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-1250,Dell,0.00125,6.5,0.0,1.0,0.0,0.0,1,2018-09-28,1.0,2018-09-18,,,1.0,"Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-Based Authorization control implemented only in Unisphere GUI.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-863'],"['cpe:2.3:o:dell:emc_unity_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_unity:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_unityvsa:*:*:*:*:*:*:*:*']",0,0
CVE-2019-18579,Dell,0.00067,6.8,0.0,1.0,0.0,1.0,1,2019-12-16,1.0,2019-12-05,,,1.0,"Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1.3 contain a configuration vulnerability. The BIOS configuration for the ""Enable Thunderbolt (and PCIe behind TBT) pre-boot modules"" setting is enabled by default. A local unauthenticated attacker with physical access to a user's system can obtain read or write access to main memory via a DMA attack during platform boot.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['NVD-CWE-Other', 'CWE-16']","['cpe:2.3:o:dell:xps_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_7390:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3717,Dell,0.00069,6.8,0.0,1.0,0.0,1.0,1,2019-08-05,1.0,2021-02-21,,,0.0,Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. An unauthenticated attacker with physical access to the system could potentially bypass intended Secure Boot restrictions to run unsigned and untrusted code on expansion cards installed in the system during platform boot. Refer to https://www.dell.com/support/article/us/en/04/sln317683/dsa-2019-043-dell-client-improper-access-control-vulnerability?lang=en for versions affected by this vulnerability.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:dell:chengming_3967:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3967_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3977:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3977_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3779:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3779_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5587:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5587_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7588_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7588:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3153_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3153:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3158_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3158:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5368_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5368:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5378_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5378:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7359_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7359:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7368_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7368:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7373_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7373:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7378_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7378:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3459_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3459:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7466_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7466:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3458_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3559_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5578_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5578:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7569_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7569:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7577_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3558_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5767_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5767:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7773_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7773:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7778_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7778:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7779_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7779:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3476_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3476:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3576_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3576:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3781_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3781:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5457_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5457:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5458_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5459_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5459:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5557_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5557:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5558_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5559_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5758_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5759_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5759:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7386_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7386:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7472_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7586_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7586:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7786_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7786:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3189_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5175_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5175:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5179_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5179:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5288_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5288:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5289_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5289:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7212_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7212:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7424_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7424_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3046_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3046:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3240_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3240_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5250_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5250_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5260_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5260_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7440_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7440_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7450_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7450_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7460_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7460_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7760_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7760_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_xe3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_xe3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3630_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5720_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5720_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_t5810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_t5810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_t7810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_t7810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_t7910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_t7910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:venue_7140_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:venue_7140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3458_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3458:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3459_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3459:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3478_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9575_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9575:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_9343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_9343:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3747,Dell,0.00054,4.8,0.0,1.0,0.0,1.0,1,2019-09-27,0.0,,0.0,,,"Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.0:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.1:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.2:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_idpa_dp4400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_idpa_dp5800:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_idpa_dp8300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_idpa_dp8800:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3754,Dell,0.00151,6.1,0.0,1.0,1.0,1.0,1,2019-09-03,0.0,,0.0,,,"Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_unityvsa_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_vnxe3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_vnxe3200:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3764,Dell,0.00082,4.3,0.0,0.0,0.0,1.0,1,2019-11-07,1.0,2020-04-30,,,0.0,"Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,"['NVD-CWE-Other', 'CWE-285']","['cpe:2.3:o:dell:idrac7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-29501,Dell,0.00044,6.7,0.0,1.0,0.0,0.0,1,2021-01-05,1.0,2020-12-15,,,1.0,"Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-312'],"['cpe:2.3:o:dell:emc_powerstore_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore:-:*:*:*:*:*:*:*']",0,0
CVE-2020-29503,Dell,0.00044,4.4,0.0,1.0,0.0,0.0,1,2021-07-19,1.0,2020-12-15,,,1.0,"Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.8,3.6,['CWE-276'],['cpe:2.3:h:dell:emc_powerstore:*:*:*:*:*:*:*:*'],0,0
CVE-2020-5326,Dell,0.00058,5.3,0.0,1.0,0.0,1.0,1,2020-02-21,1.0,2019-08-31,,,1.0,Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,PHYSICAL,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE,MEDIUM,0.9,4.0,['CWE-306'],"['cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3779_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3779:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5587_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5587:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7588_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7588:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_gaming_7466:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_gaming_7466_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_gaming_7467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_gaming_7467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_gaming_7566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_gaming_7566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_gaming_7567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_gaming_7567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_gaming_7577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_gaming_7577_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3781_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3781:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7386_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7386:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7472_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7586_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7586:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7786_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7786:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5175_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5175:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5179_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5179:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5288_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5288:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5289_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5289:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5420_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5420_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5424_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5424_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7212_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7212:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7424_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7424_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3046_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3046:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3240_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7440_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_xe3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_xe3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3541_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3630_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7730_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3431:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_12_9250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_12_9250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9575_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9575:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_27_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_27_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8900:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5349,Dell,0.00222,9.8,0.0,1.0,0.0,0.0,1,2021-07-19,1.0,2021-11-10,,,0.0,Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a hardcoded credential vulnerability. A remote unauthenticated malicious user could exploit this vulnerability and gain administrative privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:dell:emc_powerswitch_s4112f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4112t-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4128f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4128t-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4148f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4148fe-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4148t-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s4148u-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s5212f-on:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s5224f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s5232f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s5248f-on:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerswitch_s5296f-on:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5372,Dell,0.00206,7.5,0.0,1.0,0.0,0.0,1,2020-07-06,0.0,,0.0,,,Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-863', 'CWE-1244']","['cpe:2.3:o:dell:emc_powerstore_1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerstore_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerstore_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerstore_7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerstore_9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:emc_powerstore_9000:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5387,Dell,0.00042,3.9,0.0,1.0,0.0,0.0,1,2020-10-01,0.0,,0.0,,,Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. A local attacker with physical access could exploit this vulnerability to prevent the system from booting until the exploited boot device is removed.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['CWE-755'],"['cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21507,Dell,0.00381,9.8,0.0,1.0,0.0,1.0,1,2021-04-30,1.0,2021-04-14,,,1.0,"Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-326', 'CWE-261']","['cpe:2.3:h:dell:x1008p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1008p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1018p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1018p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1026p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1026p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1052p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1052p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x4012:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x4012_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:r1-2401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:r1-2401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:r1-2210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:r1-2210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1008_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1008:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1018_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1018:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1026_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1026:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:x1052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:x1052:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21531,Dell,0.00042,7.8,0.0,0.0,1.0,1.0,1,2021-04-30,1.0,2021-03-24,,,1.0,Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-669', 'CWE-602']","['cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*']",0,0
CVE-2021-36300,Dell,0.00312,8.2,0.0,0.0,0.0,1.0,1,2021-11-23,1.0,2022-05-26,,,0.0,iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to crash the webserver or cause information disclosure.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,LOW,HIGH,3.9,4.2,['CWE-89'],['cpe:2.3:o:dell:emc_idrac9_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2021-36323,Dell,0.00042,6.7,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-10-31,,,1.0,Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-20'],"['cpe:2.3:o:dell:alienware_13_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_13_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_ryzen_edition_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_ryzen_edition:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3977_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3977:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3988_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3988:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3990_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3990:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3991_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3991:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3779_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3779:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5587_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5587:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7587_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7587:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7588_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7588:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_13_5378_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_13_5378:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_13_5379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_13_5379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_3567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_3567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5578_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5578:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7577_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_17_7773_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_17_7773:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3277_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3277:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3476_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3476:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3576_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3576:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3781_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3781:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5680_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7373_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7373:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7386_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7386:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7472_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7586_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7586:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7777_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7777:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7786_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7786:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3189_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3551_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3551:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5175_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5175:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5179_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5179:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5288_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5288:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5289_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5289:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_5414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_5414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_5420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_5424_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_5424:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_7220ex_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_7220ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_7424_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_7424:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_extreme_7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_extreme_7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_extreme_7414_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_extreme_7414:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_tablet_7212_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_tablet_7212:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3046_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3046:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3240_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5260_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7071_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7071:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7440_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_xe3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_xe3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3240_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3431_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3431:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3440_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3541_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3630_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3640_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7730_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7920_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_14_3468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_14_3468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_14_3478_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_14_3478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_14_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_14_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_3568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_3568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_3578_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_3578:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3681_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3681:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3888_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3888:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9575_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9575:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_27_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_27_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8940_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8940:-:*:*:*:*:*:*:*']",0,0
CVE-2021-36339,Dell,0.00044,7.8,0.0,0.0,1.0,1.0,1,2022-01-21,1.0,2021-12-19,,,1.0,The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious user may potentially exploit this vulnerability to get privileged access to the virtual appliance.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-Other', 'CWE-250']","['cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_360:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_360:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:vasa:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:vasa:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*']",0,0
CVE-2021-36346,Dell,0.00162,5.3,0.0,1.0,0.0,1.0,1,2022-01-25,1.0,2021-12-16,,,1.0,Dell iDRAC 8 prior to version 2.82.82.82 contain a denial of service vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to deny access to the iDRAC webserver.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,"['NVD-CWE-noinfo', 'CWE-287']","['cpe:2.3:o:dell:integrated_dell_remote_access_controller_8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:integrated_dell_remote_access_controller_8:-:*:*:*:*:*:*:*']",0,0
CVE-2021-36348,Dell,0.00126,8.1,0.0,1.0,0.0,1.0,1,2022-01-25,1.0,2021-12-16,,,1.0,iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,HIGH,HIGH,2.8,5.2,"['CWE-74', 'CWE-89']","['cpe:2.3:o:dell:integrated_dell_remote_access_controller_9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:integrated_dell_remote_access_controller_9:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22556,Dell,0.00178,7.5,0.0,1.0,0.0,1.0,1,2022-06-02,1.0,2022-04-21,,,1.0,"Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:dell:powerstoreos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:powerstore_t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:powerstoreos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:powerstore_x:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24415,Dell,0.00042,7.8,0.0,1.0,0.0,1.0,1,2022-03-11,1.0,2022-02-28,,,1.0,Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:dell:alienware_13_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_13_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3473_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_3573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_3573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3277_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3277:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3465_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3465:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3565_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3565:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3782_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3782:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_14_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_14_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8930:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24421,Dell,0.00042,7.8,0.0,1.0,0.0,1.0,1,2022-03-11,1.0,2022-02-28,,,1.0,Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:dell:alienware_13_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_13_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_17_r5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_17_r5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3473_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3473:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_3573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_3573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3277_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3277:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3465_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3465:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3565_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3565:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3782_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3782:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_14_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_14_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8930:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26858,Dell,0.00044,7.8,0.0,1.0,0.0,1.0,1,2022-09-06,1.0,2022-01-31,,,1.0,Dell BIOS versions contain an Improper Authentication vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability by sending malicious input to an SMI in order to bypass security controls.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-287'],"['cpe:2.3:o:dell:alienware_m15_r6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3988_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3988:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3990_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3990:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3991_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3991:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g15_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g15_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g15_5511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g15_5511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_15_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_15_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_15_5587_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_15_5587:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_15_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_15_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_7588_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_7588:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_17_7700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_17_7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_17_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_17_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_13_5378_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_13_5378:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_13_5379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_13_5379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_13_7378_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_13_7378:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3476_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3476:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_3567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_3567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5566_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5566:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5578_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5578:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_5582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_5582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_7572_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_7572:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_17_7773_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_17_7773:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_gaming_7577_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_gaming_7577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3493_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3493:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3576_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3576:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3593_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3593:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3781_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3781:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3793_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3793:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3891_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3891:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5400_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5400_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5401_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5401_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5402_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5402:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5406_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5406_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5408_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5408:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5409_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5409:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5410_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5410_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5490_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5490_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5491_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5491_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5493_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5493:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5494_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5494:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5498_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5498:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5502_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5508_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5509_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5509:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5591_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5591_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5593_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5593:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5594_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5594:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5598_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5598:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7300_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7300_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7306_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7306_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7373_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7373:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7386_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7386:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7472_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7500_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7500_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7506_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7506_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7586_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7586:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7700_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7700_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7706_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7706_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7786_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7786:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7791_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7791:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5491_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5491_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3189_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3310_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3310_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5175_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5175:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5179_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5179:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5285_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5285_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5288_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5288:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5289_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5289:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5414_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5414_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5420_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5420_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5424_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5424_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5495_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5495:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5521_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5521:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7200_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7200_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7210_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7210_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7220_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7220_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7220ex_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7220ex_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7275_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7275_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7285_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7285:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7320_detachable_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7320_detachable:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7414_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7414_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7424_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7424_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9420_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_5430_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_5430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_rugged_7330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_rugged_7330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5421_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5421:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3046_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3046:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3090_ultra_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3090_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3240_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3240_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3280_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3280_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5250_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5260_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5260_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5270_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5270_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5480_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5480_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5490_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5490_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_ultra_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7071_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7071:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7090_ultra_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7090_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7440_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7440_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7460_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7470_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7470_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7480_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7480_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7490_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7490_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7760_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7760_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7770_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7770_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7780_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7780_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_xe3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_xe3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3240_compact_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3240_compact:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3420_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3420_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3430_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3430_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3431_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3431_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3440_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3541_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3551_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3551:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3561_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3561:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3620_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3620_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3630_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3630_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3650_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3650_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3930_rack_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3930_rack:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7730_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7920_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7920_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7820_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7820_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_15_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_15_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3478_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3478:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3578_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3578:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3681_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3681:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3690_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3690:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3888_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3888:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5402_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5402:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5468_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5468:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5502_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5568_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5568:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9305_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9305:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9310_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9310_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9575_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9575_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_17_9700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_17_9700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_17_9710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_17_9710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_27_7760_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_27_7760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8940_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8940:-:*:*:*:*:*:*:*']",0,0
CVE-2022-31233,Dell,0.00044,8.0,0.0,0.0,1.0,1.0,1,2022-08-31,1.0,2022-06-27,,,1.0,Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,"['CWE-669', 'CWE-602']","['cpe:2.3:a:dell:evasa_provider_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_360:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:vasa:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*']",0,0
CVE-2022-32493,Dell,0.00045,7.8,0.0,1.0,0.0,1.0,1,2022-10-12,1.0,2022-08-31,,,1.0,Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:h:dell:alienware_area_51m_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_area_51m_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_area_51m_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r11:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r11_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r13_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_aurora_r9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_aurora_r9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m15_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m15_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_m17_r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_m17_r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x14_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x14:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x15_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x15_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x15_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x15_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x17_r1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x17_r1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:alienware_x17_r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:alienware_x17_r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3980_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3988_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3988:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3990_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3990:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:chengming_3991_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chengming_3991:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_15_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_15_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_15_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_15_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3579:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3579_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g3_3779:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g3_3779_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g5_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g5_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_17_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_17_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_17_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:g7_17_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:edge_gateway_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:edge_gateway_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_14_3467_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_14_3467:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_2-in-1_5582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_2-in-1_5582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_15_3567_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_15_3567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3277_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3277:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3493_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3493:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3502_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3593_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3593:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3780_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3780:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3781_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3781:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3782_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3782:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3793_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3793:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5477:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5482_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5491_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5491_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5493_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5493:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5494_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5494:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5498_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5498:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5491_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5491_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5591_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5591_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5593_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5593:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5594_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5594:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5598_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5598:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5680_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_5770_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_5770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7373_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7373:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7386_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7386:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7573_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7573:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7586_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7586:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7700_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7700_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7777_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7777:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7786_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7786:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7790_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7790:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:inspiron_7791_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:inspiron_7791:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3189_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3190_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3190_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3310_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3310_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3379_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3379:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5285_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5285_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5289_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5289:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5300_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5300_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5310_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5310_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5414_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5414_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5420_rugged_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5420_rugged:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5491_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5491:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5495_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5495:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7200_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7200_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7210_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7210_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7214_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7214_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7220_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7220_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7220ex_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7220ex_rugged_extreme_tablet:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7275_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7275_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7389_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7389:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7400_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7400_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7414_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7414_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7424_rugged_extreme_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7424_rugged_extreme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_9510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_9510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e5570_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7270_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:latitude_e7470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:latitude_e7470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3046_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3046:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3050_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3050_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_3280_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_3280_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5260_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5260_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_5480_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_5480_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7060_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7070_ultra_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7070_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7071_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7071:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7080_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7460_all_in_one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7460_all_in_one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7470_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7470_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_7480_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_7480_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:optiplex_xe3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:optiplex_xe3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3240_compact_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3240_compact:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3420_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3420_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3430_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3430_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3431_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3431_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3440_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3541_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3551_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3551:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3620_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3620_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3630_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3630_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3640_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3640_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_3930_rack_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_3930_rack:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5720_aio_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5720_aio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_5820_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_5820_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7530_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7550_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7730_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7750_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7820_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7820_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:precision_7920_tower_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:precision_7920_tower:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3267_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3267:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3268_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3471_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3471:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3481_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3481:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3501_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3501:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3582_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3582:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3583_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3583:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3584_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3584:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3667_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3668_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3668:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3669_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3669:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3671_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3671:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3681_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3681:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3881_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3881:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_3888_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_3888:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5391_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5391:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5581_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5581:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5591_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5591:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_5880_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_5880:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:vostro_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:vostro_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_5470_all-in-one_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_5470_all-in-one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_7390_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_7390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_7390_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_7390_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9365_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9365_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_13_9380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_13_9380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_15_9575_2-in-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_15_9575_2-in-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_7590_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_7590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8930_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8940_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8940:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:xps_8950_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:xps_8950:-:*:*:*:*:*:*:*']",0,0
CVE-2016-0887,Dell,0.00432,5.9,0.0,0.0,1.0,0.0,0,2016-04-12,0.0,,0.0,,,"EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-200'],"['cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_ssl-c:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_ssl-j:*:*:*:*:*:*:*:*']",0,0
CVE-2016-0912,Dell,0.00296,9.8,0.0,0.0,0.0,1.0,0,2016-06-19,0.0,,0.0,,,EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-264'],['cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*'],0,0
CVE-2016-8217,Dell,0.00161,3.7,0.0,0.0,1.0,0.0,0,2017-02-03,0.0,,0.0,,,EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file to the toolkit and guess the current MAC one byte at a time. This is possible because Crypto-J uses a non-constant-time method to compare the stored MAC with the calculated MAC. This vulnerability is similar to the issue described in CVE-2015-2601.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,NONE,NONE,LOW,2.2,1.4,['CWE-200'],['cpe:2.3:a:dell:bsafe_crypto-j:*:*:*:*:*:*:*:*'],0,0
CVE-2017-8001,Dell,0.00076,8.4,0.0,0.0,1.0,0.0,0,2017-11-28,0.0,,0.0,,,"An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the server where the script was executed to recover exposed credentials.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.5,5.9,['CWE-532'],"['cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_scaleio:2.0.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_scaleio:2.0.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_scaleio:2.0.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_scaleio:2.0.1.3:*:*:*:*:*:*:*']",0,0
CVE-2017-8023,Dell,0.01059,9.8,0.0,0.0,1.0,0.0,0,2019-04-01,0.0,,0.0,,,"EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*']",0,0
CVE-2018-15767,Dell,0.01933,8.8,1.0,0.0,1.0,0.0,0,2018-11-30,1.0,2021-02-21,,,0.0,The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-863'],['cpe:2.3:a:dell:openmanage_network_manager:*:*:*:*:*:*:*:*'],1,1
CVE-2019-3751,Dell,0.00154,7.4,0.0,0.0,1.0,0.0,0,2019-09-03,0.0,,0.0,,,"Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.2,5.2,['CWE-295'],"['cpe:2.3:a:dell:emc_enterprise_copy_data_management:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_enterprise_copy_data_management:1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_enterprise_copy_data_management:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_enterprise_copy_data_management:2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_enterprise_copy_data_management:3.0:*:*:*:*:*:*:*']",0,0
CVE-2019-3759,Dell,0.00596,8.1,1.0,0.0,1.0,0.0,0,2019-09-11,1.0,2019-09-09,,,1.0,The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to view or modify information on the Workflow system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-94'],"['cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p2_hotfix2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p5:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p5_hotfix2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p10:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p11:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p12:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p13:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p14:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p5:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p6:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p7:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p8:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p9:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p01:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p02:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p03:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p04:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p05:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p06:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p07:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p5:*:*:*:*:*:*']",1,0
CVE-2019-3761,Dell,0.00066,5.4,0.0,0.0,1.0,0.0,0,2019-09-11,1.0,2019-09-09,,,1.0,"The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a stored cross-site scripting vulnerability in the Access Request module. A remote authenticated malicious user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the stored malicious code would gets executed by the web browser in the context of the vulnerable web application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p2_hotfix2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p5:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.1:p5_hotfix2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p10:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p11:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p12:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p13:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p14:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p5:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p6:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p7:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p8:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.0.2:p9:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p01:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p02:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p03:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p04:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p05:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p06:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.0:p07:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_identity_governance_and_lifecycle:7.1.1:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:-:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p1:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p2:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p3:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p4:*:*:*:*:*:*', 'cpe:2.3:a:dell:rsa_via_lifecycle_and_governance:7.0.0:p5:*:*:*:*:*:*']",0,0
CVE-2019-3770,Dell,0.00068,6.4,0.0,0.0,1.0,0.0,0,2020-03-13,1.0,2021-02-21,,,0.0,"Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious HTML or JavaScript code. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,NONE,CHANGED,LOW,LOW,NONE,MEDIUM,3.1,2.7,['CWE-79'],['cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*'],0,0
CVE-2020-26181,Dell,0.00044,7.8,0.0,0.0,1.0,1.0,0,2021-01-05,0.0,,0.0,,,Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if they have ISI PRIV HARDENING privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-noinfo', 'CWE-269']","['cpe:2.3:a:dell:emc_isilon_onefs:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerscale_onefs:9.0.0:*:*:*:*:*:*:*']",0,0
CVE-2020-26199,Dell,0.00042,6.7,0.0,0.0,1.0,0.0,0,2021-01-05,1.0,2020-12-17,,,1.0,"Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in multiple log files. A local authenticated attacker with access to the log files may use the exposed password to gain access with the privileges of the compromised user.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-532'],"['cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_unity_vsa_operating_environment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_unity_xt_operating_environment:*:*:*:*:*:*:*:*']",0,0
CVE-2020-29505,Dell,0.00178,7.5,0.0,0.0,1.0,0.0,0,2022-07-11,1.0,2022-07-06,,,1.0,"Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-331'],"['cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_customer_insights:15.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_customer_insights:16.0.2:*:*:*:*:*:*:*']",0,0
CVE-2020-5316,Dell,0.00044,7.8,0.0,0.0,1.0,0.0,0,2021-07-22,1.0,2021-11-10,,,0.0,"Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:dell:supportassist_for_business_pcs:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_business_pcs:2.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:2.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.3.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:supportassist_for_home_pcs:3.4:*:*:*:*:*:*:*']",0,0
CVE-2020-5350,Dell,0.00179,7.2,0.0,0.0,1.0,0.0,0,2020-04-15,0.0,,0.0,,,"Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. A remote authenticated malicious user with root privileges could inject parameters in the ACM component APIs that could lead to manipulation of passwords and execution of malicious commands on ACM component.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.4:*:*:*:*:*:*:*']",0,0
CVE-2020-5358,Dell,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-06-15,1.0,2021-11-10,,,0.0,Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:a:dell:encryption:*:*:*:*:*:enterprise:*:*', 'cpe:2.3:a:dell:endpoint_security_suite_enterprise:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5370,Dell,0.00213,6.8,0.0,0.0,1.0,0.0,0,2021-07-22,1.0,2021-02-21,,,1.0,Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-22'],['cpe:2.3:a:dell:emc_openmanage_enterprise:*:*:*:*:*:*:*:*'],0,0
CVE-2020-5371,Dell,0.00096,8.8,0.0,0.0,1.0,1.0,0,2020-07-06,0.0,,0.0,,,"Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a file permissions vulnerability. An attacker, with network or local file access, could take advantage of insufficiently applied file permissions or gain unauthorized access to files.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-732'],"['cpe:2.3:a:dell:emc_isilon_onefs:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerscale_onefs:9.0.0:*:*:*:*:*:*:*']",0,0
CVE-2020-5373,Dell,0.00378,7.5,0.0,0.0,1.0,0.0,0,2020-07-14,1.0,2021-02-21,,,0.0,Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to retrieve the system inventory data of the managed device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:a:dell:emc_omimssc_for_sccm:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_omimssc_for_scvmm:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5374,Dell,0.00378,7.5,0.0,0.0,1.0,0.0,0,2020-07-14,1.0,2021-02-21,,,0.0,Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-798', 'CWE-256']","['cpe:2.3:a:dell:emc_omimssc_for_sccm:*:*:*:*:*:*:*:*', 'cpe:2.3:a:dell:emc_omimssc_for_scvmm:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5378,Dell,0.00081,6.8,0.0,1.0,0.0,0.0,0,2020-09-02,1.0,2021-02-21,,,0.0,Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in System Management Mode (SMM).,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-416'],"['cpe:2.3:o:dell:g7_17_7790_bios:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:g7_17_7790:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21536,Dell,0.00042,5.5,0.0,0.0,1.0,0.0,0,2021-04-30,1.0,2021-04-20,,,1.0,Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],['cpe:2.3:a:dell:hybrid_client:*:*:*:*:*:*:*:*'],0,0
CVE-2021-21541,Dell,0.00151,6.1,0.0,0.0,0.0,1.0,0,2021-04-30,1.0,2021-04-14,,,1.0,Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2021-21555,Dell,0.00044,6.7,0.0,1.0,0.0,1.0,0,2021-06-14,1.0,2021-06-08,,,1.0,"Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,"['CWE-787', 'CWE-122']","['cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21556,Dell,0.00042,6.7,0.0,1.0,0.0,1.0,0,2021-06-14,1.0,2021-06-08,,,1.0,"Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21562,Dell,0.00044,4.4,0.0,0.0,0.0,1.0,0,2021-08-03,1.0,2021-05-26,,,1.0,Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to run resources that are not under the application’s direct control.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.8,3.6,['CWE-426'],"['cpe:2.3:o:dell:emc_powerscale_onefs:8.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerscale_onefs:8.1.3:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerscale_onefs:9.0.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:emc_powerscale_onefs:9.1.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-36307,Dell,0.00104,8.8,0.0,0.0,0.0,1.0,0,2021-11-20,1.0,2021-11-01,,,1.0,"Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-269'],"['cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*']",0,0
CVE-2022-22552,Dell,0.0012,6.1,0.0,0.0,1.0,0.0,0,2022-01-21,1.0,2022-01-19,,,1.0,Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-1021'],['cpe:2.3:a:dell:emc_appsync:*:*:*:*:*:*:*:*'],0,0
CVE-2022-22561,Dell,0.00413,9.8,0.0,0.0,0.0,1.0,0,2022-04-12,1.0,2022-01-31,,,1.0,"Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-307'],['cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*'],0,0
CVE-2022-24409,Dell,0.00078,7.5,0.0,0.0,1.0,0.0,0,2022-02-23,1.0,2022-02-14,,,1.0,Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Only customers with active BSAFE maintenance contracts can receive details about this vulnerability. Public disclosure of the vulnerability details will be shared at a later date.,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,"['NVD-CWE-Other', 'CWE-385']",['cpe:2.3:a:dell:bsafe_ssl-j:*:*:*:*:*:*:*:*'],0,0
CVE-2022-24428,Dell,0.00078,8.8,0.0,0.0,0.0,1.0,0,2022-04-08,1.0,2022-04-04,,,1.0,"Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-281'],['cpe:2.3:o:dell:emc_powerscale_onefs:*:*:*:*:*:*:*:*'],0,0
CVE-2022-33918,Dell,0.00044,5.5,0.0,0.0,1.0,0.0,0,2022-10-12,1.0,2022-09-22,,,1.0,"Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['CWE-312', 'CWE-316']",['cpe:2.3:a:dell:geodrive:*:*:*:*:*:*:*:*'],0,0
CVE-2022-33919,Dell,0.00044,7.8,0.0,0.0,1.0,0.0,0,2022-10-12,1.0,2022-09-22,,,1.0,"Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authenticated non-admin user could potentially exploit this vulnerability and view sensitive information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-Other', 'CWE-200']",['cpe:2.3:a:dell:geodrive:*:*:*:*:*:*:*:*'],0,0
CVE-2022-33921,Dell,0.00044,7.8,0.0,0.0,1.0,0.0,0,2022-10-12,1.0,2022-09-22,,,1.0,"Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code in the SYSTEM security context.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:dell:geodrive:*:*:*:*:*:*:*:*'],0,0
CVE-2022-33924,Dell,0.00072,5.3,0.0,0.0,1.0,0.0,0,2022-08-10,1.0,2022-07-18,,,1.0,Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*'],0,0
CVE-2016-6257,Amazon,0.00206,6.5,0.0,1.0,0.0,1.0,1,2016-08-02,0.0,,0.0,,,"The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system by leveraging proximity to the dongle, aka a ""KeyJack injection attack.""",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-310'],"['cpe:2.3:o:amazonbasics:firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:usb_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amazonbasics:wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km714_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km714_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dell:km632_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:km632_wireless_keyboard:-:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:logitech:unifying_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:logitech:unifying_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lenovo:ultraslim_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_dongle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:ultraslim_wireless_keyboard:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16867,Amazon,0.0012,6.5,0.0,1.0,0.0,1.0,1,2017-11-16,0.0,,0.0,,,"Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a camera and enter a house if a delivery driver failed to ensure a locked door before leaving.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:amazon:amazon_key_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:amazon_key:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11567,Amazon,0.00105,3.3,0.0,1.0,0.0,1.0,1,2018-05-30,0.0,,0.0,,,"Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard (""gibberish"") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states ""Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-384'],"['cpe:2.3:o:amazon:echo_show_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:echo_show:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:echo_plus_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:echo_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:echo_dot_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:echo_dot:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:echo_spot_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:echo_spot:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:echo_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:echo:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9483,Amazon,0.00115,9.1,0.0,1.0,0.0,0.0,1,2019-03-01,0.0,,0.0,,,"Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-327'],"['cpe:2.3:o:amazon:ring_video_doorbell_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amazon:ring_video_doorbell:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6189,Amazon,0.00042,7.3,0.0,0.0,1.0,0.0,0,2017-03-15,1.0,2017-02-28,,,1.0,Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.,CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-426'],['cpe:2.3:a:amazon:kindle_for_pc:*:*:*:*:*:*:*:*'],0,0
CVE-2018-16522,Amazon,0.00451,8.1,0.0,0.0,1.0,0.0,0,2018-12-06,1.0,2018-10-18,,,1.0,Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-824'],['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*'],0,0
CVE-2018-16523,Amazon,0.00272,7.4,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,HIGH,2.2,5.2,['CWE-369'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16524,Amazon,0.00144,5.9,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-200'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16525,Amazon,0.03289,8.1,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16600,Amazon,0.00144,5.9,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-200'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16601,Amazon,0.03377,8.1,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-191'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16603,Amazon,0.00265,5.9,0.0,0.0,1.0,1.0,0,2018-12-06,1.0,2018-10-18,,,1.0,"An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-200'],"['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11554,Amazon,0.00081,5.9,0.0,0.0,1.0,0.0,0,2019-12-06,0.0,,0.0,,,"The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-295'],['cpe:2.3:a:amazon:audible:*:*:*:*:*:android:*:*'],0,0
CVE-2019-13120,Amazon,0.00168,7.5,0.0,0.0,1.0,0.0,0,2019-10-07,1.0,2019-06-30,,,1.0,"Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which interacts with an associated vulnerable MQTT message in the application, specific circumstances could trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-125'],['cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7399,Amazon,0.00254,7.4,0.0,0.0,0.0,1.0,0,2019-02-17,1.0,2019-10-01,,,0.0,"Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for ""Terms of Use"" and Privacy pages.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.2,5.2,['CWE-346'],['cpe:2.3:o:amazon:fire_os:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16843,Amazon,0.00132,5.9,0.0,0.0,1.0,0.0,0,2020-08-04,1.0,2020-08-13,,,0.0,"In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:amazon:firecracker:0.20.0:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:firecracker:0.21.0:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:firecracker:0.21.1:*:*:*:*:*:*:*']",0,0
CVE-2020-27174,Amazon,0.00198,7.5,0.0,0.0,1.0,0.0,0,2020-10-16,1.0,2020-10-23,,,0.0,"In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-401'],"['cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:firecracker:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8912,Amazon,0.00044,2.5,0.0,0.0,1.0,0.0,0,2020-08-11,0.0,,1.0,2020-08-07,,"A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,HIGH,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.0,1.4,['CWE-327'],['cpe:2.3:a:amazon:aws_s3_crypto_sdk:*:*:*:*:*:golang:*:*'],0,0
CVE-2021-30355,Amazon,0.00085,8.6,0.0,1.0,0.0,0.0,0,2021-09-01,0.0,,0.0,,,"Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,HIGH,1.8,6.0,['CWE-269'],"['cpe:2.3:h:amazon:kindle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:kindle_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-37436,Amazon,0.00075,4.2,0.0,1.0,0.0,1.0,0,2021-07-24,0.0,,0.0,,,"Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.",CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.5,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:amazon:echo_dot:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:echo_dot_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-40830,Amazon,0.00109,8.8,0.0,0.0,1.0,0.0,0,2021-11-23,0.0,,0.0,,,"The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system’s default trust-store. Attackers with access to a host’s trust stores or are able to compromise a certificate authority already in the host's trust store (note: the attacker must also be able to spoof DNS in this case) may be able to use this issue to bypass CA pinning. An attacker could then spoof the MQTT broker, and either drop traffic and/or respond with the attacker's data, but they would not be able to forward this data on to the MQTT broker because the attacker would still need the user's private keys to authenticate against the MQTT broker. The 'aws_tls_ctx_options_override_default_trust_store_*' function within the aws-c-io submodule has been updated to override the default trust store. This corrects this issue. This issue affects: Amazon Web Services AWS IoT Device SDK v2 for Java versions prior to 1.5.0 on Linux/Unix. Amazon Web Services AWS IoT Device SDK v2 for Python versions prior to 1.6.1 on Linux/Unix. Amazon Web Services AWS IoT Device SDK v2 for C++ versions prior to 1.12.7 on Linux/Unix. Amazon Web Services AWS IoT Device SDK v2 for Node.js versions prior to 1.5.3 on Linux/Unix. Amazon Web Services AWS-C-IO 0.10.4 on Linux/Unix.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-295'],"['cpe:2.3:a:amazon:amazon_web_services_aws-c-io:0.10.4:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:java:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:node.js:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:python:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:c\\+\\+:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*']",0,0
CVE-2021-40831,Amazon,0.00188,7.2,0.0,0.0,1.0,0.0,0,2021-11-23,0.0,,0.0,,,"The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation is also not enabled when the CA has been “overridden”. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system’s default trust-store. Attackers with access to a host’s trust stores or are able to compromise a certificate authority already in the host's trust store (note: the attacker must also be able to spoof DNS in this case) may be able to use this issue to bypass CA pinning. An attacker could then spoof the MQTT broker, and either drop traffic and/or respond with the attacker's data, but they would not be able to forward this data on to the MQTT broker because the attacker would still need the user's private keys to authenticate against the MQTT broker. The 'aws_tls_ctx_options_override_default_trust_store_*' function within the aws-c-io submodule has been updated to address this behavior. This issue affects: Amazon Web Services AWS IoT Device SDK v2 for Java versions prior to 1.5.0 on macOS. Amazon Web Services AWS IoT Device SDK v2 for Python versions prior to 1.7.0 on macOS. Amazon Web Services AWS IoT Device SDK v2 for C++ versions prior to 1.14.0 on macOS. Amazon Web Services AWS IoT Device SDK v2 for Node.js versions prior to 1.6.0 on macOS. Amazon Web Services AWS-C-IO 0.10.7 on macOS.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-295'],"['cpe:2.3:a:amazon:amazon_web_services_aws-c-io:0.10.7:*:*:*:*:*:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:java:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:node.js:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:python:*:*', 'cpe:2.3:a:amazon:amazon_web_services_internet_of_things_device_software_development_kit_v2:*:*:*:*:*:c\\+\\+:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43997,Amazon,0.00042,7.8,0.0,0.0,0.0,1.0,0,2021-11-17,1.0,2021-11-17,,,1.0,"FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:amazon:freertos:*:*:*:*:-:*:*:*', 'cpe:2.3:o:amazon:freertos:10.4.3:patch1:*:*:lts:*:*:*']",0,0
CVE-2022-24709,Amazon,0.00079,6.1,0.0,0.0,1.0,0.0,0,2022-02-24,1.0,2022-02-24,,,1.0,"@awsui/components-react is the main AWS UI package which contains React components, with TypeScript definitions designed for user interface development. Multiple components in versions before 3.0.367 have been found to not properly neutralize user input and may allow for javascript injection. Users are advised to upgrade to version 3.0.367 or later. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:amazon:awsui\\/components-react:*:*:*:*:*:node.js:*:*'],0,0
CVE-2022-31159,Amazon,0.0005,6.5,0.0,0.0,1.0,0.0,0,2022-07-15,1.0,2022-07-15,,,1.0,"The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the `downloadDirectory` method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the `destinationDirectory` argument, but S3 object keys are determined by the application that uploaded the objects. The `downloadDirectory` method allows the caller to pass a filesystem object in the object key but contained an issue in the validation logic for the key name. A knowledgeable actor could bypass the validation logic by including a UNIX double-dot in the bucket key. Under certain conditions, this could permit them to retrieve a directory from their S3 bucket that is one level up in the filesystem from their working directory. This issue’s scope is limited to directories whose name prefix matches the destinationDirectory. E.g. for destination directory`/tmp/foo`, the actor can cause a download to `/tmp/foo-bar`, but not `/tmp/bar`. If `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory` is used to download an untrusted buckets contents, the contents of that bucket can be written outside of the intended destination directory. Version 1.12.261 contains a patch for this issue. As a workaround, when calling `com.amazonaws.services.s3.transfer.TransferManager::downloadDirectory`, pass a `KeyFilter` that forbids `S3ObjectSummary` objects that `getKey` method return a string containing the substring `..` .",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],['cpe:2.3:a:amazon:aws-sdk-java:*:*:*:*:*:*:*:*'],0,0
CVE-2022-33915,Amazon,0.00042,7.0,0.0,0.0,1.0,0.0,0,2022-06-17,1.0,2022-06-13,,,1.0,"Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or CVE-2021-45046; it provides a temporary mitigation to CVE-2021-44228 by hotpatching the local Java virtual machines. To do so, it iterates through all running Java processes, performs several checks, and executes the Java virtual machine with the same permissions and capabilities as the running process to load the hotpatch. A local user could cause the hotpatch script to execute a binary with elevated privileges by running a custom java process that performs exec() of an SUID binary after the hotpatch has observed the process path and before it has observed its effective user ID.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],['cpe:2.3:a:amazon:hotpatch:*:*:*:*:*:log4j:*:*'],0,0
CVE-2022-34266,Amazon,0.00057,5.5,0.0,0.0,0.0,1.0,0,2022-07-19,0.0,,1.0,2022-07-06,,"The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-908'],"['cpe:2.3:a:libtiff:libtiff:4.0.3-35:*:*:*:*:*:*:*', 'cpe:2.3:o:amazon:linux_2:-:*:*:*:*:*:*:*']",0,0
CVE-2022-39230,Amazon,0.00065,6.5,0.0,0.0,1.0,0.0,0,2022-09-23,1.0,2022-09-20,,,1.0,fhir-works-on-aws-authz-smart is an implementation of the authorization interface from the FHIR Works interface. Versions 3.1.1 and 3.1.2 are subject to Exposure of Sensitive Information to an Unauthorized Actor. This issue allows a client of the API to retrieve more information than the client’s OAuth scope permits when making “search-type” requests. This issue would not allow a client to retrieve information about individuals other than those the client was already authorized to access. Users of fhir-works-on-aws-authz-smart 3.1.1 or 3.1.2 should upgrade to version 3.1.3 or higher immediately. Versions 3.1.0 and below are unaffected. There is no workaround for this issue.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],['cpe:2.3:a:amazon:fhir-works-on-aws-authz-smart:*:*:*:*:*:*:*:*'],0,0
CVE-2022-41906,Amazon,0.001,8.7,0.0,0.0,1.0,0.0,0,2022-11-11,1.0,2022-11-11,,,1.0,"OpenSearch Notifications is a notifications plugin for OpenSearch that enables other plugins to send notifications via Email, Slack, Amazon Chime, Custom web-hook etc channels. A potential SSRF issue in OpenSearch Notifications Plugin starting in 2.0.0 and prior to 2.2.1 could allow an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Notification plugin's intended scope. OpenSearch 2.2.1+ contains the fix for this issue. There are currently no recommended workarounds. 
",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,NONE,HIGH,2.3,5.8,['CWE-918'],['cpe:2.3:a:amazon:opensearch_notifications:*:*:*:*:*:docker:*:*'],0,0
CVE-2016-6453,Cisco,0.00096,7.3,0.0,0.0,1.0,0.0,1,2016-11-03,0.0,,1.0,2016-10-26,,"A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.3(0.876).",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.1,5.2,['CWE-89'],['cpe:2.3:a:cisco:identity_services_engine:1.3\\(0.876\\):*:*:*:*:*:*:*'],0,0
CVE-2016-6460,Cisco,0.00114,7.5,0.0,0.0,1.0,0.0,1,2016-11-19,0.0,,1.0,2016-11-16,,"A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System Software is affected when the device has a file policy with malware block configured for FTP connections. More Information: CSCuv36188 CSCuy91156. Known Affected Releases: 5.4.0.2 5.4.1.1 5.4.1.6 6.0.0 6.1.0 6.2.0. Known Fixed Releases: 6.0.0.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-254'],"['cpe:2.3:a:cisco:firesight_system_software:5.4.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firesight_system_software:5.4.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firesight_system_software:5.4.1.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firesight_system_software:6.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firesight_system_software:6.2.0:*:*:*:*:*:*:*']",0,0
CVE-2017-12220,Cisco,0.00129,6.1,0.0,0.0,1.0,0.0,1,2017-09-07,0.0,,1.0,2017-09-06,,"A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvc50771.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:cisco:firepower_management_center:-:*:*:*:*:*:*:*'],0,0
CVE-2017-12360,Cisco,0.00087,4.3,0.0,0.0,1.0,0.0,1,2017-11-30,0.0,,1.0,2017-11-29,,"A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by providing a user with a malicious WRF file via email or URL and convincing the user to open the file. A successful exploit could cause an affected player to crash, resulting in a DoS condition. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCve30294, CSCve30301.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,LOW,MEDIUM,2.8,1.4,"['NVD-CWE-noinfo', 'CWE-399']","['cpe:2.3:a:cisco:webex_meeting_center:t29:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meeting_center:t30:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meeting_center:t31:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meeting_center:t32:*:*:*:*:*:*:*']",0,0
CVE-2017-3830,Cisco,0.00563,7.5,0.0,0.0,1.0,0.0,1,2017-02-22,0.0,,1.0,2017-02-15,,"A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Information: CSCvc89678. Known Affected Releases: 2.1. Known Fixed Releases: 2.1.2.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],['cpe:2.3:a:cisco:meeting_server:2.1.0:*:*:*:*:*:*:*'],0,0
CVE-2017-6670,Cisco,0.00151,6.1,0.0,0.0,1.0,0.0,1,2017-06-13,0.0,,1.0,2019-06-07,,"A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],['cpe:2.3:a:cisco:unified_communications_domain_manager:8.1\\(7\\)er1:*:*:*:*:*:*:*'],0,0
CVE-2017-6789,Cisco,0.00125,6.1,0.0,0.0,1.0,0.0,1,2017-09-07,0.0,,1.0,2017-09-06,,"A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The vulnerability occurs because user-supplied data in the DOM input is not validated. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious DOM statements to the affected system. A successful exploit could allow the attacker to affect the integrity of the system by manipulating the database. Known Affected Releases 11.0(1)ES10. Cisco Bug IDs: CSCvf18325.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(1\\)es10:*:*:*:*:*:*:*'],0,0
CVE-2018-0393,Cisco,0.00079,6.5,0.0,1.0,0.0,0.0,1,2018-07-18,0.0,,1.0,2018-07-18,,"A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,"['NVD-CWE-noinfo', 'CWE-285']","['cpe:2.3:o:cisco:mobility_services_engine_3365_firmware:18.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:mobility_services_engine_3365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:mobility_services_engine_3355_firmware:18.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:mobility_services_engine_3355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:mobility_services_engine_3310_firmware:18.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:mobility_services_engine_3310:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15387,Cisco,0.00181,9.8,0.0,0.0,1.0,0.0,1,2018-10-05,1.0,2018-10-03,,,1.0,"A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit this vulnerability by supplying a system image signed with a crafted certificate to an affected device, bypassing the certificate validation. An exploit could allow an attacker to deploy a crafted system image.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-295', 'CWE-20']","['cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan:18.3.0:*:*:*:*:*:*:*']",0,0
CVE-2018-15464,Cisco,0.00121,5.8,0.0,0.0,1.0,0.0,1,2019-01-11,0.0,,1.0,2019-01-09,,"A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of certain broadcast packets ingress to the device. An attacker could exploit this vulnerability by sending large streams of broadcast packets to an affected device. If successful, an exploit could allow an attacker to impact services running on the device, resulting in a partial DoS condition.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-400'],['cpe:2.3:a:cisco:asr_900_series_software:16.6.2:*:*:*:*:*:*:*'],0,0
CVE-2018-15465,Cisco,0.00576,8.1,0.0,0.0,1.0,0.0,1,2018-12-24,1.0,2018-12-19,,,1.0,"A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. The vulnerability is due to improper validation of user privileges when using the web management interface. An attacker could exploit this vulnerability by sending specific HTTP requests via HTTPS to an affected device as an unprivileged user. An exploit could allow the attacker to retrieve files (including the running configuration) from the device or to upload and replace software images on the device.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,"['CWE-863', 'CWE-285']","['cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*']",0,0
CVE-2019-12648,Cisco,0.0019,8.8,0.0,1.0,0.0,0.0,1,2019-09-25,1.0,2019-09-25,,,1.0,"A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-863', 'CWE-284']","['cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:807_industrial_integrated_services_routers:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cgr_1120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12658,Cisco,0.00159,7.5,0.0,1.0,0.0,0.0,1,2019-09-25,1.0,2019-09-25,,,1.0,"A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective management of the underlying filesystem resources. An attacker could exploit this vulnerability by performing specific actions that result in messages being sent to specific operating system log files. A successful exploit could allow the attacker to exhaust available filesystem space on an affected device. This could cause the device to crash and reload, resulting in a DoS condition for clients whose network traffic is transiting the device. Upon reload of the device, the impacted filesystem space is cleared, and the device will return to normal operation. However, continued exploitation of this vulnerability could cause subsequent forced crashes and reloads, which could lead to an extended DoS condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-400']","['cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4221_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4321_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4331_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4351_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4431_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4451-x_integrated_services_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_900_:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cloud_services_r_1000v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:network_convergence_system_520:-:*:*:*:*:*:*:*']",0,0
CVE-2019-1892,Cisco,0.00159,7.5,0.0,1.0,0.0,0.0,1,2019-07-06,1.0,2019-07-03,,,1.0,"A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS packet to the management web interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:cisco:sf200-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10sfp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10sfp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28sfp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28sfp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x24mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x24mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500xg8f8t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500xg8f8t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:esw2-350g52dc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:esw2-350g52dc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:esw2-550x48dc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:esw2-550x48dc:-:*:*:*:*:*:*:*']",0,0
CVE-2019-1906,Cisco,0.0008,6.5,0.0,0.0,1.0,0.0,1,2019-06-20,0.0,,1.0,2019-06-19,,"A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by manipulating requests sent to an affected PI server. A successful exploit could allow the attacker to change the virtual domain configuration and possibly elevate privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,"['CWE-20', 'CWE-264']",['cpe:2.3:a:cisco:prime_infrastructure:3.6:*:*:*:*:*:*:*'],0,0
CVE-2019-1934,Cisco,0.0019,8.8,0.0,0.0,1.0,0.0,1,2019-08-07,1.0,2019-08-07,,,1.0,"A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to elevate privileges and execute administrative functions on an affected device. The vulnerability is due to insufficient authorization validation. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then sending specific HTTPS requests to execute administrative functions using the information retrieved during initial login.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-Other', 'CWE-285']",['cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*'],0,0
CVE-2019-1936,Cisco,0.01621,7.2,0.0,0.0,1.0,0.0,1,2019-08-21,1.0,2019-08-21,,,1.0,"A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. Exploitation of this vulnerability requires privileged access to an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrator privileges and then sending a malicious request to a certain part of the interface.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-20'],"['cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.1.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.0.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.6.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.6.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.7\\(0.0.67265\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:6.7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.0.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.6.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director_express_for_big_data:3.7.1.0:*:*:*:*:*:*:*']",0,0
CVE-2019-1970,Cisco,0.00092,7.5,0.0,0.0,1.0,0.0,1,2019-08-08,1.0,2019-08-07,,,1.0,"A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-693'],"['cpe:2.3:a:cisco:firepower_management_center:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*']",0,0
CVE-2020-3227,Cisco,0.00457,9.8,0.0,0.0,0.0,1.0,1,2020-06-03,1.0,2020-06-03,,,1.0,"A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization. The vulnerability is due to incorrect handling of requests for authorization tokens. An attacker could exploit this vulnerability by using a crafted API call to request such a token. An exploit could allow the attacker to obtain an authorization token and execute any of the IOx API commands on an affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-863', 'CWE-264']","['cpe:2.3:o:cisco:ios_xe:3.11.6e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*']",0,0
CVE-2020-3292,Cisco,0.00168,7.2,0.0,1.0,0.0,0.0,1,2020-06-18,1.0,2020-06-17,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-787', 'CWE-119']","['cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1131,Cisco,0.00058,4.3,0.0,1.0,0.0,0.0,1,2021-01-13,1.0,2021-01-13,,,1.0,"A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. The vulnerability is due to missing checks when Cisco Discovery Protocol messages are processed. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected IP camera. A successful exploit could allow the attacker to cause the affected IP camera to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,2.8,1.4,['CWE-119'],"['cpe:2.3:o:cisco:video_surveillance_8000p_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8000p_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8020_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8020_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8030_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8030_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8070_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8070_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8400_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8400_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8620_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8620_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8630_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8630_ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:video_surveillance_8930_speed_dome_ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:video_surveillance_8930_speed_dome_ip_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1156,Cisco,0.00066,4.8,0.0,1.0,1.0,0.0,1,2021-01-13,0.0,,1.0,2021-01-13,,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:cisco:rv110w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv110w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:application_extension_platform:1.0.3.55:*:*:*:*:*:*:*']",0,0
CVE-2021-1167,Cisco,0.0034,7.2,0.0,1.0,1.0,0.0,1,2021-01-13,0.0,,1.0,2021-01-13,,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:cisco:rv110w_firmware:1.2.1.7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv110w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv110w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:application_extension_platform:1.0.3.55:*:*:*:*:*:*:*']",0,0
CVE-2021-1170,Cisco,0.00212,7.2,0.0,1.0,1.0,0.0,1,2021-01-13,0.0,,1.0,2021-01-13,,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:cisco:rv110w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv110w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:application_extension_platform:1.0.3.55:*:*:*:*:*:*:*']",0,0
CVE-2021-1291,Cisco,0.00265,9.8,0.0,1.0,0.0,0.0,1,2021-02-04,1.0,2021-02-03,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-472'],"['cpe:2.3:o:cisco:rv160w_wireless-ac_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv160w_wireless-ac_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv260_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv260_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv260p_vpn_router_with_poe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv260p_vpn_router_with_poe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv260w_wireless-ac_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv260w_wireless-ac_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv160_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv160_vpn_router:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1338,Cisco,0.00221,7.2,0.0,1.0,0.0,0.0,1,2021-02-04,1.0,2021-02-03,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-121'],"['cpe:2.3:o:cisco:rv016_multi-wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv016_multi-wan_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv042_dual_wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv042_dual_wan_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv042g_dual_gigabit_wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv042g_dual_gigabit_wan_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv082_dual_wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv082_dual_wan_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv320_dual_gigabit_wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv320_dual_gigabit_wan_vpn_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv325_dual_gigabit_wan_vpn_router_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv325_dual_gigabit_wan_vpn_router:-:*:*:*:*:*:*:*']",0,0
CVE-2021-1392,Cisco,0.00042,7.8,0.0,0.0,0.0,1.0,1,2021-03-24,1.0,2021-03-04,,,1.0,"A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-522'],"['cpe:2.3:o:cisco:ios:15.0\\(1\\)ey:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.0\\(1\\)ey1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.0\\(1\\)ey2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.1\\(3\\)svs:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.1\\(3\\)svt1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(1\\)ey:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e5a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e5b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e7b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)e10:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)ea:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)ea1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)ea2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)ea3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)eb:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)eb1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2\\)eb2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2a\\)e2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(2b\\)e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)e1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)e2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)e3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)e4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)e5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(3\\)ea:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)e5a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea9a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ea10:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ec1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)ec2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(4\\)jaz:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)e1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)e2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)e2b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)e2c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5\\)ea:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(5a\\)e1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e0a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e0c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(6\\)e1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(7\\)e0b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(7a\\)e0b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(7b\\)e0b:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja10:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja11:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ja12:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jaa:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jax:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jax1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jax2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jb:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jc14:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd11:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd12:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd13:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd14:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd16:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jd17:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)je:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf10:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf11:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf12:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf12i:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jf13:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jg:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jg1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jh:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jh1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ji1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ji3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ji4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ji5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)ji6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jj:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jj1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk1t:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk2a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jk4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn7:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn8:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn9:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn11:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn13:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn14:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jn15:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb6:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnd3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpb:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpb1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpc5:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.3\\(3\\)jpd:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.3.0xo:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.3.1xo:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.3.2xo:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.6.5be:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.7.4e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:3.7.5e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*']",0,0
CVE-2021-1459,Cisco,0.00171,9.8,0.0,1.0,0.0,0.0,1,2021-04-08,0.0,,1.0,2021-04-07,,"A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device. Cisco has not released software updates that address this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-20', 'CWE-119']","['cpe:2.3:o:cisco:rv110w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20661,Cisco,0.0005,4.6,0.0,1.0,0.0,1.0,1,2022-04-15,1.0,2022-04-13,,,1.0,"Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.9,3.6,"['CWE-665', 'CWE-1221']","['cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cdb-8p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cdb-8u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios:15.2\\(8\\)e:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cmicr-4pc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cmicr-4ps:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:cmicr-4pt:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20730,Cisco,0.00123,7.5,0.0,0.0,1.0,0.0,1,2022-05-03,1.0,2022-04-27,,,1.0,"A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-241']","['cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*']",0,0
CVE-2022-20742,Cisco,0.00124,7.4,0.0,0.0,1.0,0.0,1,2022-05-03,1.0,2022-04-27,,,1.0,"A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.2,5.2,"['NVD-CWE-Other', 'CWE-325']","['cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*']",0,0
CVE-2022-20825,Cisco,0.00295,9.8,0.0,1.0,0.0,0.0,1,2022-06-15,0.0,,1.0,2022-06-15,,"A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv215w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20850,Cisco,0.00044,7.1,0.0,1.0,1.0,0.0,1,2022-09-30,1.0,2022-09-28,,,1.0,"A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,1.8,5.2,"['CWE-20', 'CWE-22']","['cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20875,Cisco,0.00133,7.2,0.0,1.0,1.0,0.0,1,2022-07-21,0.0,,1.0,2022-07-20,,"Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-78', 'CWE-120']","['cpe:2.3:o:cisco:rv215w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv130_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:rv110w_firmware:1.0.3.55:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:application_extension_platform:1.0.3.55:*:*:*:*:*:*:*']",0,0
CVE-2022-20960,Cisco,0.00145,7.5,0.0,0.0,1.0,0.0,1,2022-11-04,1.0,2022-11-02,,,1.0,"A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device.

 This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-295', 'CWE-400']","['cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*']",0,0
CVE-2017-12290,Cisco,0.00129,6.1,0.0,0.0,1.0,0.0,0,2017-11-16,1.0,2017-11-15,,,1.0,"Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit these vulnerabilities by persuading a user to click a malicious link or by sending an HTTP request that could cause the affected service to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface of the affected system or allow the attacker to access sensitive browser-based information on the affected system. These types of exploits could also be used in phishing attacks that send users to malicious websites without their knowledge. Cisco Bug IDs: CSCve77195, CSCve90978, CSCvf42310, CSCvf42703, CSCvf42723, CSCvf46169, CSCvf49999.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:cisco:email_encryption:5.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:email_encryption:5.3.0-038:*:*:*:*:*:*:*']",0,0
CVE-2017-12292,Cisco,0.00129,6.1,0.0,0.0,1.0,0.0,0,2017-11-16,1.0,2017-11-15,,,1.0,"Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit these vulnerabilities by persuading a user to click a malicious link or by sending an HTTP request that could cause the affected service to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface of the affected system or allow the attacker to access sensitive browser-based information on the affected system. These types of exploits could also be used in phishing attacks that send users to malicious websites without their knowledge. Cisco Bug IDs: CSCve77195, CSCve90978, CSCvf42310, CSCvf42703, CSCvf42723, CSCvf46169, CSCvf49999.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:cisco:email_encryption:5.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:email_encryption:5.3.0-038:*:*:*:*:*:*:*']",0,0
CVE-2018-0130,Cisco,0.00296,9.8,0.0,0.0,1.0,0.0,0,2018-02-22,1.0,2018-02-21,,,1.0,"A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative access to an affected system. The vulnerability is due to the presence of static default credentials for the web-based service portal of the affected software. An attacker could exploit this vulnerability by extracting the credentials from an image of the affected software and using those credentials to generate a valid administrative session token for the web-based service portal of any other installation of the affected software. A successful exploit could allow the attacker to gain administrative access to the web-based service portal of an affected system. This vulnerability affects Cisco Elastic Services Controller Software Release 3.0.0. Cisco Bug IDs: CSCvg30884.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-1188', 'CWE-264']",['cpe:2.3:a:cisco:virtual_managed_services:3.0:*:*:*:*:*:*:*'],0,0
CVE-2018-0181,Cisco,0.00317,9.8,0.0,0.0,1.0,0.0,0,2019-01-10,1.0,2019-01-09,,,1.0,"A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent software could allow an unauthenticated, remote attacker to modify key-value pairs for short-lived events stored by the Redis server. The vulnerability is due to improper authentication when accessing the Redis server. An unauthenticated attacker could exploit this vulnerability by modifying key-value pairs stored within the Redis server database. An exploit could allow the attacker to reduce the efficiency of the Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent software.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:a:cisco:cisco_policy_suite_diameter_routing_agent:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cisco_policy_suite_for_mobile:13.0.0:*:*:*:*:*:*:*']",0,0
CVE-2018-0448,Cisco,0.00275,9.8,0.0,0.0,1.0,0.0,0,2018-10-05,1.0,2018-10-03,,,1.0,"A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The vulnerability is due to insufficient security restrictions for critical management functions. An attacker could exploit this vulnerability by sending a valid identity management request to the affected system. An exploit could allow the attacker to view and make unauthorized modifications to existing system users as well as create new users.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-326'],['cpe:2.3:a:cisco:digital_network_architecture_center:*:*:*:*:*:*:*:*'],0,0
CVE-2019-15269,Cisco,0.00066,4.8,0.0,1.0,0.0,0.0,0,2019-10-16,0.0,,1.0,2019-10-16,,"Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:h:cisco:firepower_management_center_2600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2600_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7030_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7030_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7110_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7115:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7115_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7115_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_virtual_appliance:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2000_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1000_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_3500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_3500_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7125_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7125_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4000_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8290_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8290_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_1500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_1500_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firesight_management_center_750_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7120_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7010_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7010_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8370_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8370_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_1600_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_1600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7020_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7020_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_8150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_8150_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_8150_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_8150_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_8150_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8130_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ngips_virtual_appliance_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8390_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8390_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8390:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8270_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4500_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8250_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8250_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_4600_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_4600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_management_center_2500_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8120_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_7150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_7150_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_7150_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_7150_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:amp_7150_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8350_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8140_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8140_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7050_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_7050_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8260_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8360_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:firepower_appliance_8360_firmware:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_appliance_8360:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15283,Cisco,0.00072,7.8,0.0,0.0,1.0,0.0,0,2020-09-23,1.0,2019-11-06,,,1.0,Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:32.11:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:39.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:t32.9:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:t39.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_online:t39.6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*']",0,0
CVE-2019-15993,Cisco,0.00144,5.3,0.0,1.0,0.0,0.0,0,2020-09-23,1.0,2020-01-29,,,1.0,"A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the attacker to access sensitive device information, which includes configuration files.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-287', 'CWE-16']","['cpe:2.3:h:cisco:sg250x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-08hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-08hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf250-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf250-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf250-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf250-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf250-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf250-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf250-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf250-48hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg355-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg355-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350xg-2f10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350xg-2f10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350xg-24f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350xg-24f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350xg-24t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350xg-24t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350xg-48t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350xg-48t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350x-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-16ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-16ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-12f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-10fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-10fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-08p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-08p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-50fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-50fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-26fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-26fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-10fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-10fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg200-08p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg200-08p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-24fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-24fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf200-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf200-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28pp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28pp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf302-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf302-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf300-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf300-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-10sfp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-10sfp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-28mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-28mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg300-52mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg300-52mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500xg-8f8t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500xg-8f8t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf500-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf500-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500-52p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500-52p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg500x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg500x-48p:-:*:*:*:*:*:*:*']",1,0
CVE-2019-1624,Cisco,0.0016,8.8,0.0,0.0,1.0,0.0,0,2019-06-20,1.0,2019-06-19,,,1.0,"A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the vManage Web UI. A successful exploit could allow the attacker to execute commands with root privileges.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],['cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*'],0,0
CVE-2019-1848,Cisco,0.00063,9.3,0.0,0.0,1.0,0.0,0,2019-06-20,1.0,2019-06-19,,,1.0,"A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,NONE,CRITICAL,2.8,5.8,['CWE-668'],['cpe:2.3:a:cisco:digital_network_architecture_center:*:*:*:*:*:*:*:*'],0,0
CVE-2019-1870,Cisco,0.00156,6.1,0.0,0.0,1.0,0.0,0,2019-06-05,0.0,,1.0,2019-06-05,,"A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface or allow the attacker to access sensitive browser-based information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:cisco:enterprise_chat_and_email:11.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:enterprise_chat_and_email:11.6\\(1\\)es6:*:*:*:*:*:*:*']",0,0
CVE-2020-3121,Cisco,0.00151,6.1,0.0,1.0,0.0,0.0,0,2020-01-26,0.0,,1.0,2020-01-22,,"A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:cisco:sg250x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-08hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-08hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-26p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-26p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-50p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-50p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-24:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg250-48hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg250-48hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf350-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf350-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-10mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-10mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg355-10mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg355-10mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg350-28mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg350-28mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-16ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-16ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-12ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-12ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sx550x-52_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sx550x-52:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-24mpp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-24mpp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sg550x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sg550x-48mp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-24_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-24:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-24p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:sf550x-48mp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:sf550x-48mp:-:*:*:*:*:*:*:*']",0,0
CVE-2020-3530,Cisco,0.00042,8.4,0.0,1.0,0.0,1.0,0,2020-09-04,1.0,2020-09-02,,,1.0,"A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H,LOCAL,LOW,LOW,NONE,CHANGED,NONE,HIGH,HIGH,HIGH,2.0,5.8,"['CWE-863', 'CWE-264']","['cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*']",0,0
CVE-2020-3542,Cisco,0.00093,5.3,0.0,0.0,1.0,0.0,0,2020-09-04,1.0,2020-09-02,,,1.0,"A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could exploit this vulnerability by sending an API request to the application, which would return a URL that includes a meeting join page that is prepopulated with the meeting username and password. A successful exploit could allow the attacker to join the password-protected meeting. The attacker would be visible in the attendee list of the meeting.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.6,3.6,['CWE-20'],['cpe:2.3:a:cisco:webex_training:*:*:*:*:*:*:*:*'],0,0
CVE-2020-3602,Cisco,0.00042,6.7,0.0,0.0,0.0,1.0,0,2020-10-08,1.0,2020-10-07,,,1.0,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,"['CWE-78', 'CWE-20']","['cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34704,Cisco,0.00222,7.5,0.0,0.0,1.0,0.0,0,2022-01-11,1.0,2021-10-27,,,1.0,"A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-787', 'CWE-121']","['cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*']",0,0
CVE-2021-34708,Cisco,0.00042,6.7,0.0,1.0,0.0,1.0,0,2021-09-09,1.0,2021-08-09,,,1.0,"Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-347'],"['cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8101-32h:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-12z20g-sys-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-12z20g-sys-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-24z8q2c-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-24z8q2c-sys:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-28z4c-sys-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-28z4c-sys-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540-acc-sys:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540x-12z16g-sys-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540x-12z16g-sys-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540x-16z4g8q2c-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540x-16z4g8q2c-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:n540x-acc-sys:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*']",0,0
CVE-2021-34715,Cisco,0.00234,7.2,0.0,0.0,1.0,0.0,0,2021-08-18,1.0,2021-08-18,,,1.0,"A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An attacker could exploit this vulnerability by uploading a malicious archive to the Upgrade page of the administrative web interface. A successful exploit could allow the attacker to execute code with user-level privileges (the _nobody account) on the underlying operating system.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-347'],"['cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*']",0,0
CVE-2021-34718,Cisco,0.0017,8.1,0.0,1.0,0.0,1.0,0,2021-09-09,1.0,2021-09-08,,,1.0,"A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-88'],"['cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34728,Cisco,0.00042,7.8,0.0,1.0,0.0,1.0,0,2021-09-09,1.0,2021-09-08,,,1.0,"Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34731,Cisco,0.00066,4.8,0.0,0.0,1.0,0.0,0,2021-11-04,0.0,,1.0,2021-11-03,,"A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need valid administrative credentials. Cisco expects to release software updates that address this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],['cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*'],0,0
CVE-2021-34787,Cisco,0.00129,5.3,0.0,1.0,1.0,0.0,0,2021-10-27,1.0,2021-10-27,,,1.0,"A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,"['CWE-755', 'CWE-183']","['cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5512-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5512-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5505_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5505_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5515-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5515-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5525-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5525-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5545-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5545-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5555-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5555-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5580_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5580_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5585-x_firmware:009.009:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5585-x_firmware:009.012:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34793,Cisco,0.0016,8.6,0.0,1.0,1.0,0.0,0,2021-10-27,1.0,2021-10-27,,,1.0,"A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.9,4.0,['CWE-924'],"['cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5512-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5505_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5515-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5525-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5545-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5555-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5580_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5585-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*']",0,0
CVE-2021-40116,Cisco,0.00159,7.5,0.0,0.0,1.0,0.0,0,2021-10-27,1.0,2021-10-27,,,1.0,"Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-noinfo', 'CWE-241']","['cpe:2.3:a:cisco:firepower_management_center:3.1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*']",0,0
CVE-2021-40125,Cisco,0.00109,6.5,0.0,1.0,1.0,0.0,0,2021-10-27,1.0,2021-10-27,,,1.0,"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,"['CWE-400', 'CWE-416']","['cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001.025\\):*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*']",0,0
CVE-2021-40131,Cisco,0.00065,5.4,0.0,0.0,1.0,0.0,0,2021-11-19,1.0,2021-11-18,,,1.0,"A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit this vulnerability by adding malicious code to the configuration by using the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-87']",['cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*'],0,0
CVE-2022-20653,Cisco,0.0014,7.5,0.0,0.0,0.0,1.0,0,2022-02-17,1.0,2022-02-16,,,1.0,"A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling in DNS name resolution by the affected software. An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device. A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition. Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-399']","['cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*']",0,0
CVE-2022-20668,Cisco,0.00136,6.1,0.0,0.0,1.0,0.0,0,2022-05-27,1.0,2022-05-18,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*'],0,0
CVE-2022-20669,Cisco,0.00136,6.1,0.0,0.0,1.0,0.0,0,2022-05-27,1.0,2022-05-18,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*'],0,0
CVE-2022-20787,Cisco,0.0008,6.8,0.0,0.0,1.0,0.0,0,2022-04-21,1.0,2022-04-11,,,1.0,"A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-352'],"['cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*']",0,0
CVE-2022-20840,Cisco,0.00066,4.8,0.0,0.0,1.0,0.0,0,2022-11-15,1.0,2022-11-09,,,1.0,"Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
     
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:a:cisco:firepower_management_center:6.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.1.0.7:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.0.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.2.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.7:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.9:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.10:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.11:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.12:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.13:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.14:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.15:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.16:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.17:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.2.3.18:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.3.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.7:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.8:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.9:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.10:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.11:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.12:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.13:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.14:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.4.0.15:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.5.0.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.5.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.6.7:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.7.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:6.7.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.0.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.1.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_management_center:7.2.0:*:*:*:*:*:*:*']",0,0
CVE-2022-20848,Cisco,0.00137,7.5,0.0,1.0,0.0,0.0,0,2022-09-30,1.0,2022-09-28,,,1.0,"A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-noinfo', 'CWE-399']","['cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:3000_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12sz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*', 'cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*', 'cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20857,Cisco,0.00802,9.8,0.0,0.0,1.0,0.0,0,2022-07-21,1.0,2022-07-20,,,1.0,"Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this advisory.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],['cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*'],0,0
CVE-2022-20864,Cisco,0.00058,4.6,0.0,1.0,0.0,0.0,0,2022-10-10,1.0,2022-09-28,,,1.0,"A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,"['NVD-CWE-Other', 'CWE-538']","['cpe:2.3:o:cisco:ios_xe_rom_monitor:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c2928-24lt-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c2928-48tc-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c3850-12x48u-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-16x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-16x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9600-lc-24c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9600-lc-48s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9600-lc-48tx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:catalyst_c9600-lc-48yl:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20961,Cisco,0.00084,8.8,0.0,0.0,1.0,0.0,0,2022-11-04,1.0,2022-11-02,,,1.0,"A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

 This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the target user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch10:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch11:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch5:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch6:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch7:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch8:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch9:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch4:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch5:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch6:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch7:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*']",0,0
CVE-2016-6914,Ubiquiti,0.00062,7.8,1.0,0.0,1.0,0.0,1,2017-12-27,1.0,2017-11-27,,,1.0,"Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-276'],"['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*']",1,0
CVE-2018-12590,Ubiquiti,0.00104,7.2,0.0,1.0,0.0,1.0,1,2018-06-20,1.0,2018-04-11,,,1.0,"Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-134'],"['cpe:2.3:h:ui:edgeswitch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgeswitch_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-5264,Ubiquiti,0.00247,5.9,0.0,1.0,0.0,1.0,1,2019-06-07,0.0,,0.0,,,"Ubiquiti UniFi 52 devices, when Hotspot mode is used, allow remote attackers to bypass intended restrictions on ""free time"" Wi-Fi usage by sending a /guest/s/default/ request to obtain a cookie, and then using this cookie in a /guest/s/default/login request with the byfree parameter.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-284'],"['cpe:2.3:o:ui:unifi_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_52:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12727,Ubiquiti,0.00115,7.5,0.0,1.0,0.0,1.0,1,2019-06-04,0.0,,0.0,,,"On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request with a large number of headers.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:ui:aircam_firmware:3.1.4:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:aircam:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5424,Ubiquiti,0.00097,8.8,0.0,0.0,1.0,0.0,1,2019-04-10,1.0,2019-03-29,,,1.0,"In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user can execute arbitrary shell commands over the SSH CLI interface. This allows to execute shell commands under the root user.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-78', 'CWE-77']",['cpe:2.3:a:ui:edgeswitch_x:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5425,Ubiquiti,0.00109,8.8,0.0,0.0,1.0,0.0,1,2019-04-10,1.0,2019-03-29,,,1.0,"In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary shell commands over the SSH interface bypassing the CLI interface, which allow them to escalate privileges to root.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],['cpe:2.3:a:ui:edgeswitch_x:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5426,Ubiquiti,0.00163,4.8,0.0,0.0,1.0,0.0,1,2019-04-10,1.0,2019-03-29,,,1.0,"In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated user can use the ""local port forwarding"" and ""dynamic port forwarding"" (SOCKS proxy) functionalities. Remote attackers without credentials can exploit this bug to access local services or forward traffic through the device if SSH is enabled in the system settings.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.2,2.5,['CWE-287'],['cpe:2.3:a:ui:edgeswitch_x:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5430,Ubiquiti,0.00071,8.8,0.0,0.0,1.0,0.0,1,2019-05-06,1.0,2019-03-29,,,1.0,"In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5445,Ubiquiti,0.00081,4.9,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,0.0,,,DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-400'],"['cpe:2.3:o:ui:edgeswitch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-s16.:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-250w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-750w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-8-150w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5446,Ubiquiti,0.00123,7.2,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,0.0,,,Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as root.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:o:ui:edgeswitch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-s16.:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-250w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-750w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-8-150w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5456,Ubiquiti,0.0023,8.1,0.0,0.0,1.0,0.0,1,2019-07-30,1.0,2019-05-15,,,1.0,SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,"['CWE-255', 'CWE-300']",['cpe:2.3:a:ui:unifi_controller:*:*:*:*:*:*:*:*'],0,0
CVE-2020-12695,Ubiquiti,0.00547,7.5,0.0,0.0,1.0,0.0,1,2020-06-08,0.0,,0.0,,,"The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H,NETWORK,HIGH,NONE,NONE,CHANGED,LOW,NONE,HIGH,HIGH,2.2,4.7,['CWE-276'],"['cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*']",0,0
CVE-2020-24755,Ubiquiti,0.00098,7.8,0.0,0.0,1.0,0.0,1,2021-05-17,0.0,,0.0,,,"In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in (Windows 7 x64/Windows 10 x64).",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:ui:unifi_video:3.10.13:*:*:*:*:*:*:*'],0,0
CVE-2020-8144,Ubiquiti,0.00044,8.4,0.0,0.0,1.0,0.0,1,2020-04-01,1.0,2020-03-30,,,1.0,"The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware update information. If the version field contains ..\ character sequences, the destination file path to save the firmware can be manipulated to be outside the intended destination directory tree. Fixed in UniFi Video Controller v3.10.3 and newer.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.7,6.0,['CWE-22'],"['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8145,Ubiquiti,0.00054,6.5,0.0,0.0,1.0,0.0,1,2020-04-01,1.0,2020-03-30,,,1.0,"The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP or CUSTOM_GROUP groups, can access these endpoints and overwrite the current application configuration. This can be abused for various purposes, including adding new administrative users. Affected Products: UniFi Video Controller v3.9.3 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.9.6 and newer.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8146,Ubiquiti,0.00063,7.8,0.0,0.0,1.0,0.0,1,2020-04-01,1.0,2020-03-30,,,1.0,In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the windows registry when installing UniFi-Video controller. Affected Products: UniFi Video Controller v3.10.2 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.10.3 and newer.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:ui:unifi_video:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8148,Ubiquiti,0.00089,5.3,0.0,0.0,0.0,1.0,1,2020-04-13,1.0,2020-04-10,,,1.0,UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key gen2 Plus.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-287'],"['cpe:2.3:o:ui:cloud_key_gen2:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:cloud_key_gen2_plus:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8213,Ubiquiti,0.00089,5.3,0.0,0.0,1.0,0.0,1,2020-07-30,1.0,2020-07-22,,,1.0,An information exposure vulnerability exists in UniFi Protect before v1.13.4-beta.5 that allowed unauthenticated attackers access to valid usernames for the UniFi Protect web application via HTTP response code and response timing.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-209'],['cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*'],0,0
CVE-2020-8232,Ubiquiti,0.0009,6.5,0.0,1.0,1.0,0.0,1,2020-08-17,1.0,2020-09-15,,,0.0,An information disclosure vulnerability exists in EdgeMax EdgeSwitch firmware v1.9.0 that allowed read only users could obtain unauthorized information through SNMP community pages.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:a:ui:edgeswitch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-16-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-s16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-250w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-750w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-8-150w:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8233,Ubiquiti,0.00398,8.8,0.0,1.0,1.0,0.0,1,2020-08-17,1.0,2020-09-15,,,0.0,"A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-78', 'CWE-77']","['cpe:2.3:a:ui:edgeswitch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-16-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-s16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-16-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-250w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-24-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-750w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-48-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:es-8-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*']",0,0
CVE-2020-8234,Ubiquiti,0.02745,9.8,0.0,0.0,0.0,1.0,1,2020-08-21,0.0,,0.0,,,"A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-613'],"['cpe:2.3:o:ui:edgemax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:ep-s16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-12f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-16-150w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-16-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-24-250w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-24-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-24-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-48-500w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-48-750w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-48-lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:es-8-150w:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8267,Ubiquiti,0.00126,5.3,0.0,0.0,0.0,1.0,1,2020-11-05,0.0,,0.0,,,"A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-287'],['cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2021-22943,Ubiquiti,0.00069,9.6,0.0,0.0,1.0,0.0,1,2021-08-31,1.0,2021-08-23,,,1.0,A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-287'],['cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*'],0,0
CVE-2021-22944,Ubiquiti,0.00044,8.0,0.0,0.0,1.0,0.0,1,2021-08-31,1.0,2021-08-23,,,1.0,A vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*'],0,0
CVE-2021-44527,Ubiquiti,0.00058,6.5,0.0,0.0,0.0,1.0,1,2021-12-07,1.0,2021-12-06,,,1.0,A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the network to perform a Deny of Service (DoS) attack on the affected switch.This vulnerability is fixed in UniFi Switch firmware 5.76.6 and later.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-400'],['cpe:2.3:o:ui:unifi_switch_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2017-0912,Ubiquiti,0.00054,5.4,0.0,0.0,1.0,0.0,0,2018-07-03,0.0,,0.0,,,"Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with ""Edit"" access to ""Scheduling"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:ui:ucrm:*:*:*:*:*:*:*:*'],0,0
CVE-2017-0935,Ubiquiti,0.00104,8.8,0.0,0.0,0.0,1.0,0,2018-03-22,1.0,2017-11-06,,,1.0,Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-269'],['cpe:2.3:o:ui:edgeos:*:*:*:*:*:*:*:*'],0,0
CVE-2017-0938,Ubiquiti,0.00287,7.5,0.0,1.0,0.0,1.0,0,2019-02-12,1.0,2017-09-11,,,1.0,"Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-20', 'CWE-400']","['cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airmax_ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airmax_ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:edgemax:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5265,Ubiquiti,0.00455,7.2,0.0,1.0,0.0,1.0,0,2019-06-07,0.0,,0.0,,,"Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:ui:edgeos:1.9.1:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:erlite-3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15595,Ubiquiti,0.00251,8.8,0.0,1.0,0.0,1.0,0,2019-11-26,1.0,2019-10-09,,,1.0,A privilege escalation exists in UniFi Video Controller =<3.10.6 that would allow an attacker on the local machine to run arbitrary commands.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-noinfo', 'CWE-77']","['cpe:2.3:o:ui:unifi_video_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_video_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16889,Ubiquiti,0.00744,7.5,0.0,1.0,0.0,1.0,0,2019-09-25,1.0,2019-06-04,,,1.0,Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-770'],"['cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:ep-r6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-r6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:erlite-3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:erlite-3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:erpoe-5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:erpoe-5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:erpro-8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:erpro-8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ep-r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:ep-r8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-6p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-6p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:er-8-xg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:er-8-xg_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-27888,Ubiquiti,0.00168,7.5,0.0,1.0,0.0,1.0,0,2020-10-27,0.0,,0.0,,,An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-459'],"['cpe:2.3:o:ui:unifi_meshing_access_point_firmware:4.3.21.11325:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_meshing_access_point:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:unifi_controller_firmware:6.0.28:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_controller:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8157,Ubiquiti,0.00077,6.8,0.0,1.0,0.0,1.0,0,2020-05-02,1.0,2020-04-24,,,1.0,UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface (UART).,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['NVD-CWE-noinfo', 'CWE-284']","['cpe:2.3:o:ui:unifi_cloud_key_gen2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_cloud_key_gen2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:unifi_cloud_key_gen2_plus_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_cloud_key_gen2_plus:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8168,Ubiquiti,0.00147,8.8,0.0,1.0,0.0,1.0,0,2020-05-26,1.0,2020-05-18,,,1.0,"We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-2g16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-2g20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g27:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:is-m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:lbem5-23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:litestation_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-2g18:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g22:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g25:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m2-13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-19:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m2-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:picom2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:power_ap_n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm5-ti:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8170,Ubiquiti,0.00135,6.1,0.0,1.0,0.0,1.0,0,2020-05-26,1.0,2020-05-18,,,1.0,"We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:ui:ag-hp-2g16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-2g20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g27:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:is-m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:lbem5-23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:litestation_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-2g18:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g22:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g25:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m2-13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-19:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m2-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:picom2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:power_ap_n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm5-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8171,Ubiquiti,0.0457,9.8,0.0,1.0,0.0,1.0,0,2020-05-26,1.0,2020-05-18,,,1.0,"We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-78', 'CWE-77']","['cpe:2.3:o:ui:airos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-2g16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-2g20:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ag-hp-5g27:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:airgrid_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ar-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:bm5hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:is-m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:lbem5-23:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:litestation_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:locom9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:m900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-2g18:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g22:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nb-5g25:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m2-13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbe-m5-19:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nbm9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:nsm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m2-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-300-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-400-iso:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbe-m5-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:pbm5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:picom2hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:power_ap_n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm2-ti:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:rm5-ti:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8188,Ubiquiti,0.00266,8.8,0.0,1.0,0.0,1.0,0,2020-07-02,1.0,2020-06-25,,,1.0,"We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-78', 'CWE-77']","['cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_protect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:unifi_protect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8282,Ubiquiti,0.00196,8.8,0.0,1.0,0.0,1.0,0,2020-12-14,1.0,2020-11-17,,,1.0,"A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:ui:edgemax_edgepower_24v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:edgemax_edgepower_24v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_edgepower_54v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:edgemax_edgepower_54v:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22882,Ubiquiti,0.00116,7.5,0.0,1.0,0.0,0.0,0,2021-02-23,1.0,2021-02-23,,,1.0,UniFi Protect before v1.17.1 allows an attacker to use spoofed cameras to perform a denial-of-service attack that may cause the UniFi Protect controller to crash.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-noinfo', 'CWE-400']","['cpe:2.3:a:ui:unifi_protect_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22909,Ubiquiti,0.00291,7.5,0.0,1.0,0.0,1.0,0,2021-05-27,1.0,2021-05-18,,,1.0,A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,"['CWE-295', 'CWE-300']","['cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:edgemax_edgerouter:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22957,Ubiquiti,0.00199,8.8,0.0,0.0,1.0,0.0,0,2021-11-24,1.0,2021-11-24,,,1.0,A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Protect application Version 1.19.2 and earlier allows a malicious actor who has convinced a privileged user to access a URL with malicious code to take over said user’s account.This vulnerability is fixed in UniFi Protect application Version 1.20.0 and later.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-noinfo', 'CWE-16']",['cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*'],0,0
CVE-2021-33818,Ubiquiti,0.0021,7.5,0.0,1.0,0.0,0.0,0,2021-06-18,0.0,,0.0,,,"An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:h:ui:camera_g3_flex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:camera_g3_flex_firmware:uvc.v4.30.0.67:*:*:*:*:*:*:*']",0,0
CVE-2021-33820,Ubiquiti,0.0021,7.5,0.0,1.0,0.0,0.0,0,2021-06-18,0.0,,0.0,,,An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67.Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:ui:camera_g3_flex_firmware:uvc.v4.30.0.67:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:camera_g3_flex:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44530,Ubiquiti,0.00233,9.8,0.0,0.0,1.0,0.0,0,2022-01-14,1.0,2021-12-13,,,1.0,An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-74', 'CWE-20']",['cpe:2.3:a:ui:unifi_network_controller:*:*:*:*:*:*:*:*'],0,0
CVE-2022-22570,Ubiquiti,0.00226,10.0,0.0,1.0,0.0,1.0,0,2022-04-01,1.0,2021-03-17,,,1.0,A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in Version 3.8.31.13 and later.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-120'],"['cpe:2.3:o:ui:ua_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ui:ua_lite:-:*:*:*:*:*:*:*']",0,0
CVE-2022-43553,Ubiquiti,0.00239,8.8,0.0,1.0,0.0,1.0,0,2022-12-05,1.0,2022-11-23,,,1.0,A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['NVD-CWE-noinfo', 'CWE-250']","['cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2:*:*:*:*:*:*', 'cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4:*:*:*:*:*:*', 'cpe:2.3:h:ui:edgemax_edgerouter:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7165,Siemens,0.00061,6.4,0.0,0.0,1.0,0.0,1,2016-11-15,1.0,2019-10-08,,,0.0,"A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (""C:\Program Files\*"" or the localized equivalent).",CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.5,5.9,['CWE-254'],"['cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_it_production_suite:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_pcs7:8.2:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_step_7:*:sp4:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:*:sp2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:advanced:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:basic:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:comfort:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):-:*:*:*:professional:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*', 'cpe:2.3:a:siemens:simit:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_server:*:sp2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:softnet_security_client:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:telecontrol_basic:*:sp2:*:*:*:*:*:*']",0,0
CVE-2016-7987,Siemens,0.00083,7.5,0.0,1.0,0.0,0.0,1,2017-02-13,1.0,2016-11-07,,,1.0,"An issue was discovered in Siemens ETA4 firmware (all versions prior to Revision 08) of the SM-2558 extension module for: SICAM AK, SICAM TM 1703, SICAM BC 1703, and SICAM AK 3. Specially crafted packets sent to Port 2404/TCP could cause the affected device to go into defect mode. A cold start might be required to recover the system, a Denial-of-Service Vulnerability.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-19'],"['cpe:2.3:o:siemens:eta4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_ak:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_ak_3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_bc_1703:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_tm_1703:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:eta2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_ak:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_bc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sicam_tm:-:*:*:*:*:*:*:*']",0,0
CVE-2016-8564,Siemens,0.00134,6.5,0.0,0.0,1.0,0.0,1,2016-10-13,1.0,2016-10-13,,,1.0,SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,3.9,2.5,['CWE-89'],['cpe:2.3:a:siemens:automation_license_manager:*:sp3:*:*:*:*:*:*'],0,0
CVE-2016-8672,Siemens,0.00096,5.3,0.0,1.0,0.0,0.0,1,2016-11-23,1.0,2017-03-16,,,0.0,"A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the ""secure"" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:o:siemens:simatic_cp_343-1_firmware:-:*:*:*:advanced:*:*:*', 'cpe:2.3:h:siemens:simatic_cp_343-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_s7_300_cpu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_s7_300_cpu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_s7_400_cpu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_s7_400_cpu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_cp_443-1_firmware:-:*:*:*:advanced:*:*:*', 'cpe:2.3:h:siemens:simatic_cp_443-1:-:*:*:*:*:*:*:*']",0,0
CVE-2016-9160,Siemens,0.00595,8.1,0.0,0.0,1.0,0.0,1,2016-12-17,1.0,2016-12-13,,,1.0,A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,2.8,5.2,"['CWE-254', 'CWE-111']","['cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*']",0,0
CVE-2017-9942,Siemens,0.00042,7.8,0.0,0.0,1.0,0.0,1,2017-08-08,0.0,,0.0,,,A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-noinfo', 'CWE-257']",['cpe:2.3:a:siemens:sipass_integrated:*:sp2:*:*:*:*:*:*'],0,0
CVE-2017-9947,Siemens,0.00413,5.3,0.0,1.0,0.0,0.0,1,2017-10-23,1.0,2017-10-12,,,1.0,A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-22', 'CWE-538']","['cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_pxc_modular_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc_modular:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:talon_tc_compact_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:talon_tc_compact:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:talon_tc_modular_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:talon_tc_modular:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3616,Siemens,0.00528,5.9,0.0,1.0,0.0,0.0,1,2018-09-12,1.0,2019-02-12,,,0.0,Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-3658,Siemens,0.00928,5.3,0.0,1.0,0.0,0.0,1,2018-09-12,1.0,2019-02-12,,,0.0,Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-772'],"['cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_pc547e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_pc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:manageability_engine_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-4845,Siemens,0.00278,8.8,0.0,1.0,0.0,0.0,1,2018-06-26,1.0,2018-06-26,,,1.0,"A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). Remote attackers with either local or remote credentialed access to the ""Remote View"" feature might be able to elevate their privileges, compromising confidentiality, integrity, and availability of the system. No special skills or user interaction are required to perform this attack. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-269', 'CWE-284']","['cpe:2.3:o:siemens:rapidpoint_400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:rapidpoint_400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:rapidpoint_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:rapidlab_1200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:rapidlab_1200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-4848,Siemens,0.00059,6.1,0.0,1.0,0.0,0.0,1,2018-06-14,1.0,2020-01-14,,,0.0,"A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.3), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x-200_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x-200_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x-200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x-200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-4852,Siemens,0.00293,9.8,0.0,1.0,0.0,0.0,1,2018-07-03,0.0,,1.0,2018-07-03,,A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-287', 'CWE-288']","['cpe:2.3:o:siemens:siclock_tc400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:siclock_tc400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:siclock_tc100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:siclock_tc100:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13918,Siemens,0.0017,9.8,0.0,0.0,1.0,0.0,1,2019-09-13,1.0,2019-09-10,,,1.0,"A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no privileges and no user interaction. The vulnerability could allow full access to the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-521', 'CWE-307']","['cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:hf1:*:*:*:*:*:*']",0,0
CVE-2019-13919,Siemens,0.00054,4.3,0.0,0.0,1.0,0.0,1,2019-09-13,1.0,2019-09-10,,,1.0,A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by a privileged user can also be accessed by a non-privileged user. The security vulnerability could be exploited by an attacker with network access and valid credentials for the web interface. No user interaction is required. The vulnerability could allow an attacker to access information that he should not be able to read. The affected information does not include passwords. At the time of advisory publication no public exploitation of this security vulnerability was known.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:hf1:*:*:*:*:*:*']",0,0
CVE-2019-13921,Siemens,0.0011,7.5,0.0,0.0,1.0,0.0,1,2019-10-10,1.0,2020-01-14,,,0.0,A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large HTTP request is sent to the executing service. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the service provided by the software.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-400', 'CWE-410']","['cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:-:update_1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:-:update_2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:-:update_3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp2:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp2:update_1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp2:update_2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp2:update_3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_winac_rtx_\\(f\\)_2010:sp2:update_4:*:*:*:*:*:*']",0,0
CVE-2020-12762,Siemens,0.00111,7.8,0.0,0.0,1.0,0.0,1,2020-05-09,1.0,2022-09-13,,,0.0,"json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*']",0,0
CVE-2020-13987,Siemens,0.00172,7.5,0.0,1.0,0.0,0.0,1,2020-12-11,1.0,2022-03-08,,,0.0,An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:*', 'cpe:2.3:a:uip_project:uip:*:*:*:*:*:*:*:*', 'cpe:2.3:a:open-iscsi_project:open-iscsi:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sentron_3va_com100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sentron_3va_com100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sentron_3va_com800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sentron_3va_com800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sentron_pac3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sentron_pac4200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sentron_pac4200_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-7575,Siemens,0.00078,6.1,0.0,1.0,0.0,0.0,1,2020-04-14,1.0,2021-02-09,,,0.0,"A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of the affected devices that could allow an attacker to inject arbitrary JavaScript code via specially crafted GET requests. The code could be potentially executed later by another (privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web sessions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:siemens:climatix_pol908_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:climatix_pol908:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:climatix_pol909:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:climatix_pol909_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-7576,Siemens,0.00054,5.4,0.0,0.0,1.0,0.0,1,2020-07-14,1.0,2021-01-12,,,0.0,"A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:siemens:opcenter_execution_core:*:*:*:*:*:*:*:*'],0,0
CVE-2020-7577,Siemens,0.00058,8.1,0.0,0.0,1.0,0.0,1,2020-07-14,1.0,2021-01-12,,,0.0,"A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through the use of several vulnerable fields of the application, an authenticated user could perform an SQL Injection attack by passing a modified SQL query downstream to the back-end server. The exploit of this vulnerability could be used to read, and potentially modify application data to which the user has access to.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-89'],['cpe:2.3:a:siemens:opcenter_execution_core:*:*:*:*:*:*:*:*'],0,0
CVE-2020-7588,Siemens,0.0011,5.3,0.0,0.0,1.0,0.0,1,2020-07-14,1.0,2021-07-13,,,0.0,"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-20'],"['cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_rd\\&l:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_step_7:16:update_1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8704,Siemens,0.00044,6.4,0.0,1.0,0.0,0.0,1,2021-06-09,1.0,2022-12-13,,,0.0,Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.5,5.9,['CWE-362'],"['cpe:2.3:a:intel:local_manageability_service:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8745,Siemens,0.00102,6.8,0.0,1.0,0.0,0.0,1,2020-11-12,1.0,2022-12-13,,,0.0,"Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:converged_security_and_manageability_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:trusted_execution_technology:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:trusted_execution_technology:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_drive_controller_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_drive_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_et200sp_1515sp_pc2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_et200sp_1515sp_pc2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc127e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc127e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc667e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc667e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_828d_hw_pu.4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_828d_hw_pu.4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_mc_mcu_1720_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_mc_mcu_1720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_one_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_840d_sl_ht_10_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_840d_sl_ht_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_one_ncu_1740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_one_ncu_1740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinumerik_one_ppu_1740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinumerik_one_ppu_1740:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22897,Siemens,0.00412,5.3,0.0,0.0,1.0,0.0,1,2021-06-11,1.0,2022-03-08,,,0.0,"curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single ""static"" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-668', 'CWE-840']","['cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-27383,Siemens,0.00179,7.5,0.0,1.0,1.0,0.0,1,2021-05-12,1.0,2021-08-10,,,0.0,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-770'],"['cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*']",0,0
CVE-2021-27385,Siemens,0.0035,7.5,0.0,1.0,1.0,0.0,1,2021-05-12,1.0,2021-08-10,,,0.0,"A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\"" & 15\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\"" - 22\"" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-835', 'CWE-400']","['cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\""_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\"":-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*']",0,0
CVE-2021-27391,Siemens,0.0082,9.8,0.0,1.0,0.0,0.0,1,2021-09-14,1.0,2021-09-14,,,1.0,"A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:siemens:apogee_mbc_\\(ppc\\)_\\(p2_ethernet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_mbc_\\(ppc\\)_\\(p2_ethernet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_mec_\\(ppc\\)_\\(p2_ethernet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_mec_\\(ppc\\)_\\(p2_ethernet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc_bacnet_automation_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_pxc_compact_\\(p2_ethernet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc_compact_\\(p2_ethernet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_pxc_modular_\\(bacnet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc_modular_\\(bacnet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:apogee_pxc_modular_\\(p2_ethernet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:apogee_pxc_modular_\\(p2_ethernet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:talon_tc_compact_\\(bacnet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:talon_tc_compact_\\(bacnet\\):*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:talon_tc_modular_\\(bacnet\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:talon_tc_modular_\\(bacnet\\):*:*:*:*:*:*:*:*']",0,0
CVE-2021-27393,Siemens,0.00084,5.3,0.0,0.0,1.0,0.0,1,2021-04-22,1.0,2021-11-09,,,0.0,"A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-330'],"['cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:nucleus_readystart_v3:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:nucleus_source_code:-:*:*:*:*:*:*:*']",0,0
CVE-2021-29998,Siemens,0.0041,9.8,0.0,1.0,0.0,0.0,1,2021-04-13,1.0,2022-05-10,,,0.0,An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:ruggedcom_win_subscriber_station:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:ruggedcom_win_subscriber_station_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x200-4_p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x200-4_p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204_irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204_irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x208_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x208_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x408_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x408:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_rf_181_eip_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_rf_181_eip:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_rf_182c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_rf_182c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sinamics_perfect_harmony_gh180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sinamics_perfect_harmony_gh180:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41534,Siemens,0.00066,3.3,0.0,1.0,1.0,0.0,1,2021-09-28,1.0,2021-09-28,,,1.0,"A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process (ZDI-CAN-13703).",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-125'],"['cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack4:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack5:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack6:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack7:*:*:*:*:*:*', 'cpe:2.3:o:siemens:nx_1984_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:nx_1984:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:nx_1988_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:nx_1988:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22826,Siemens,0.01343,8.8,0.0,0.0,1.0,0.0,1,2022-01-10,1.0,2022-06-14,,,0.0,nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-190'],"['cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*']",0,0
CVE-2022-23102,Siemens,0.00403,6.1,0.0,0.0,1.0,0.0,1,2022-02-09,1.0,2022-02-08,,,1.0,A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],['cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*'],0,0
CVE-2022-23312,Siemens,0.00073,6.1,0.0,0.0,1.0,0.0,1,2022-02-09,1.0,2022-02-08,,,1.0,"A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). The integrated web application ""Online Help"" in affected product contains a Cross-Site Scripting (XSS) vulnerability that could be exploited if unsuspecting users are tricked into accessing a malicious link.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*']",0,0
CVE-2022-26335,Siemens,0.00178,7.5,0.0,1.0,0.0,0.0,1,2022-04-12,1.0,2022-04-12,,,1.0,"A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2lh\\+_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2lh\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26649,Siemens,0.00164,7.5,0.0,1.0,0.0,0.0,1,2022-07-12,1.0,2022-07-12,,,1.0,"A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-120'],"['cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x208_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x208_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_x204irt_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*']",0,0
CVE-2016-9042,Siemens,0.01865,5.9,0.0,1.0,0.0,0.0,0,2018-06-04,1.0,2021-06-08,,,0.0,An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-20'],"['cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20748,Siemens,0.00427,9.8,0.0,1.0,0.0,0.0,0,2019-01-30,1.0,2021-12-14,,,0.0,LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2018-21247,Siemens,0.00216,7.5,0.0,1.0,0.0,0.0,0,2020-06-17,1.0,2021-12-14,,,0.0,An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-909'],"['cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*']",0,0
CVE-2018-5380,Siemens,0.00463,4.3,0.0,1.0,0.0,0.0,0,2018-02-19,1.0,2019-04-09,,,0.0,"The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,2.8,1.4,['CWE-125'],"['cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13935,Siemens,0.00054,5.4,0.0,0.0,1.0,0.0,0,2019-11-27,0.0,,0.0,,,Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. This issue affects: Siemens AG Polarion All versions < 19.2.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:siemens:polarion:*:*:*:*:*:*:*:*'],0,0
CVE-2020-11656,Siemens,0.01062,9.8,0.0,0.0,1.0,0.0,0,2020-04-09,1.0,2022-03-08,,,0.0,"In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-416'],"['cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*']",0,0
CVE-2020-12358,Siemens,0.00044,4.4,0.0,1.0,0.0,0.0,0,2021-06-09,1.0,2022-12-13,,,0.0,Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['CWE-787'],"['cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6498du:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6785r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1524n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1563n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1573n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1581:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1587:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1612:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1205_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1578l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2408l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2418l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2438l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658a_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2670_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2679_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2685_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2689_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699r_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4648_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8855_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5119t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5219y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6129:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6137:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6143:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6162:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6269y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8174:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4106h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2102:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:aff_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:e-series_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:fas_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12360,Siemens,0.00044,7.8,0.0,1.0,0.0,0.0,0,2021-06-09,1.0,2022-12-13,,,0.0,Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-125'],"['cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6498du:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6785r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1524n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1563n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1573n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1581:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1587:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1612:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1205_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1578l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2408l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2418l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2438l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658a_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2670_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2679_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2685_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2689_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699r_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4648_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8855_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5119t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5219y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6129:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6137:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6143:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6162:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6269y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8174:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4106h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2102:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:aff_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:e-series_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:fas_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_cpu_1518-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_cpu_1518-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_cpu_1518f-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_cpu_1518f-4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13631,Siemens,0.00105,5.5,0.0,0.0,1.0,0.0,0,2020-05-27,1.0,2022-03-08,,,0.0,"SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brocade:fabric_operating_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*']",0,0
CVE-2020-14396,Siemens,0.00164,7.5,0.0,1.0,0.0,0.0,0,2020-06-17,1.0,2021-11-14,,,0.0,An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14405,Siemens,0.00178,6.5,0.0,1.0,0.0,0.0,0,2020-06-17,1.0,2021-12-14,,,0.0,An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-770'],"['cpe:2.3:a:libvnc_project:libvncserver:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2020-7590,Siemens,0.00061,6.8,0.0,1.0,0.0,0.0,0,2020-10-13,0.0,,1.0,2020-10-13,,"A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-259'],"['cpe:2.3:h:siemens:dca_vantage_analyzer:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:dca_vantage_analyzer_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8285,Siemens,0.0071,7.5,0.0,0.0,1.0,0.0,0,2020-12-14,1.0,2022-03-08,,,0.0,curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-674'],"['cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_storage_node_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*']",0,0
CVE-2020-8625,Siemens,0.18732,8.1,0.0,0.0,1.0,0.0,0,2021-02-17,1.0,2022-03-08,,,0.0,"BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-120'],"['cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.17.0:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:9.17.1:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9272,Siemens,0.0016,7.5,0.0,1.0,0.0,0.0,0,2020-02-20,1.0,2022-06-14,,,0.0,ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*']",0,0
CVE-2020-9273,Siemens,0.07013,8.8,0.0,1.0,0.0,0.0,0,2020-02-20,1.0,2022-06-14,,,0.0,"In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:proftpd:proftpd:1.3.7:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-22884,Siemens,0.00545,7.5,0.0,0.0,1.0,0.0,0,2021-03-03,1.0,2022-03-08,,,0.0,"Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,"['NVD-CWE-Other', 'CWE-350']","['cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*']",0,0
CVE-2021-22923,Siemens,0.00191,5.3,0.0,0.0,1.0,0.0,0,2021-08-05,1.0,2022-03-08,,,0.0,"When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.6,3.6,['CWE-319'],"['cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-25215,Siemens,0.0674,7.5,0.0,0.0,1.0,0.0,0,2021-04-29,1.0,2022-03-08,,,0.0,"In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-617'],"['cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25219,Siemens,0.00707,5.3,0.0,0.0,1.0,0.0,0,2021-10-27,1.0,2022-03-08,,,0.0,"In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*', 'cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*']",0,0
CVE-2021-25678,Siemens,0.00078,7.8,0.0,0.0,1.0,0.0,0,2021-04-22,1.0,2021-06-08,,,0.0,"A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12529)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:siemens:solid_edge_se2020:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_se2021:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27290,Siemens,0.00242,7.5,0.0,0.0,1.0,0.0,0,2021-03-12,1.0,2022-03-08,,,0.0,"ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:a:ssri_project:ssri:*:*:*:*:*:node.js:*:*', 'cpe:2.3:a:ssri_project:ssri:*:*:*:*:*:node.js:*:*', 'cpe:2.3:a:oracle:graalvm:20.3.3:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:graalvm:21.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27382,Siemens,0.00606,7.8,0.0,0.0,1.0,0.0,0,2021-04-22,1.0,2021-06-08,,,0.0,"A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13040)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-121', 'CWE-787']","['cpe:2.3:a:siemens:solid_edge_se2020:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_se2021:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27387,Siemens,0.00078,7.8,0.0,0.0,1.0,0.0,0,2021-06-08,1.0,2021-06-08,,,1.0,"A vulnerability has been identified in Simcenter Femap 2020.2 (All versions < V2020.2.MP3), Simcenter Femap 2021.1 (All versions < V2021.1.MP3). The femap.exe application lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure, a different vulnerability than CVE-2021-27399. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12819)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:maintenance_pack1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:maintenance_pack2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:maintenance_pack1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:maintenance_pack2:*:*:*:*:*:*']",0,0
CVE-2021-27389,Siemens,0.0017,9.8,0.0,0.0,1.0,0.0,0,2021-04-22,0.0,,1.0,2021-04-13,,"A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-321'],"['cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:qms_automotive:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27392,Siemens,0.00365,8.8,0.0,0.0,1.0,0.0,0,2021-04-22,1.0,2021-04-13,,,1.0,"A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-798', 'CWE-321']","['cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2018:r2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2018:r3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2019:r1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2019:r2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2019:r3:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2020:r1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2020:r2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_video_open_network_bridge:2020:r3:*:*:*:*:*:*']",0,0
CVE-2021-27398,Siemens,0.0029,7.8,0.0,0.0,1.0,0.0,0,2021-05-12,1.0,2021-05-11,,,1.0,"A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V16.0.5). The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13290)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-121'],['cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*'],0,0
CVE-2021-27399,Siemens,0.00078,7.8,0.0,0.0,1.0,0.0,0,2021-06-08,1.0,2021-06-08,,,1.0,"A vulnerability has been identified in Simcenter Femap 2020.2 (All versions < V2020.2.MP3), Simcenter Femap 2021.1 (All versions < V2021.1.MP3). The femap.exe application lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure, a different vulnerability than CVE-2021-27387. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12820)",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:maintenance_pack1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2020.2:maintenance_pack2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:maintenance_pack1:*:*:*:*:*:*', 'cpe:2.3:a:siemens:simcenter_femap:2021.1:maintenance_pack2:*:*:*:*:*:*']",0,0
CVE-2021-27490,Siemens,0.00136,7.8,0.0,1.0,0.0,0.0,0,2021-05-27,1.0,2021-05-25,,,1.0,"Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-125'],"['cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*', 'cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27494,Siemens,0.00428,7.8,0.0,1.0,0.0,0.0,0,2021-05-27,1.0,2021-05-25,,,1.0,"Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-121'],"['cpe:2.3:a:datakit:crosscadware:*:*:*:*:*:*:*:*', 'cpe:2.3:a:luxion:keyshot:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:solid_edge_se2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:solid_edge_se2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:solid_edge_se2021_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:solid_edge_se2021:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44165,Siemens,0.00226,7.2,0.0,1.0,0.0,0.0,0,2021-12-14,1.0,2021-12-14,,,1.0,"A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-121'],"['cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24282,Siemens,0.00088,7.2,0.0,0.0,1.0,0.0,0,2022-03-08,1.0,2022-10-11,,,0.0,"A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-502'],['cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*'],0,0
CVE-2022-25311,Siemens,0.00044,7.2,0.0,0.0,1.0,0.0,0,2022-03-08,1.0,2022-10-11,,,0.0,"A vulnerability has been identified in SINEC NMS (All versions >= V1.0.3 < V2.0), SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,"['CWE-269', 'NVD-CWE-Other']","['cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinema_server:14.0:*:*:*:*:*:*:*']",0,0
CVE-2022-27242,Siemens,0.00044,5.5,0.0,0.0,1.0,0.0,0,2022-05-20,1.0,2022-05-10,,,1.0,"A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-120'],['cpe:2.3:a:siemens:openv2g:0.9.4:*:*:*:*:*:*:*'],0,0
CVE-2022-27653,Siemens,0.00057,7.8,0.0,0.0,1.0,0.0,0,2022-05-20,1.0,2022-05-10,,,1.0,A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15594),CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],['cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*'],0,0
CVE-2016-7454,Vantiva,0.00129,8.0,1.0,1.0,0.0,1.0,1,2016-12-17,0.0,,0.0,,,"CSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an attacker to change the Wi-Fi password, open the remote management interface, or reset the router.",CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-352'],"['cpe:2.3:o:technicolor:xfinity_gateway_router_dpc3941t_firmware:dpc3941-p20-18-v303r20421733-160413a-cmcst:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:xfinity_gateway_router_dpc3941t:-:*:*:*:*:*:*:*']",1,0
CVE-2017-11320,Vantiva,0.00141,6.1,1.0,1.0,0.0,1.0,1,2017-08-03,0.0,,0.0,,,Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:technicolor:tc7337_firmware:08.89.17.20.00:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7337:-:*:*:*:*:*:*:*']",1,0
CVE-2017-14127,Vantiva,0.00429,9.8,0.0,1.0,0.0,1.0,1,2017-09-04,0.0,,0.0,,,Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:technicolor:td5336_firmware:7.0:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:td5336:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5135,Vantiva,0.01306,9.1,1.0,1.0,0.0,1.0,1,2017-04-27,0.0,,0.0,,,"Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:technicolor:dpc3928sl_firmware:d3928sl-p15-13-a386-c3420r55105-160127a:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dpc3928sl:-:*:*:*:*:*:*:*']",1,0
CVE-2018-15852,Vantiva,0.0016,6.5,0.0,1.0,0.0,1.0,1,2018-08-25,0.0,,0.0,,,"Technicolor TC7200.20 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-400'],"['cpe:2.3:o:technicolor:tc7200.20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7200.20:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15907,Vantiva,0.0016,6.5,0.0,1.0,0.0,1.0,1,2018-08-29,0.0,,0.0,,,"Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-400'],"['cpe:2.3:o:technicolor:tc8305c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc8305c:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16310,Vantiva,0.0016,6.5,0.0,1.0,0.0,1.0,1,2018-09-06,0.0,,0.0,,,"Technicolor TG588V V2 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-15907. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-400'],"['cpe:2.3:o:technicolor:tg588v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tg588v:2:*:*:*:*:*:*:*']",0,0
CVE-2018-20379,Vantiva,0.00087,4.7,0.0,1.0,0.0,1.0,1,2018-12-23,0.0,,0.0,,,Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001.,CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,HIGH,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.6,2.7,['CWE-79'],"['cpe:2.3:o:technicolor:dpc3928sl_firmware:d3928sl-psip-13-a010-c3420r55105-160428a:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dpc3928sl:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20381,Vantiva,0.02419,9.8,0.0,1.0,0.0,1.0,1,2018-12-23,0.0,,0.0,,,Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:technicolor:dpc2320_firmware:dpc2300r2-v202r1244101-150420a-v6:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dpc2320:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20393,Vantiva,0.02419,9.8,0.0,1.0,0.0,1.0,1,2018-12-23,0.0,,0.0,,,"Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B STC8.62.02, TC7110.D STDB.79.02, TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT, and TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:technicolor:cga0111_firmware:cga0111e-es-13-e23e-c8000r5712-170217-0829-tru:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:cga0111:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:cga0101_firmware:cwa0101e-a23e-c7000r5712-170315-skc:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:cga0101:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:dpc3928sl_firmware:d3928sl-psip-13-a010-c3420r55105-170214a:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dpc3928sl:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7110.ar_firmware:std3.38.03:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7110.ar:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7110.b_firmware:stc8.62.02:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7110.b:2.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7110.d_firmware:stdb.79.02:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7110.d:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7200.d1i_firmware:tc7200.d1ie-n23e-c7000r5712-170406-hat:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7200.d1i:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7200.th2v2.d1i_firmware:sc05.00.22:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7200.th2v2.d1i:01.00:*:*:*:*:*:*:*']",0,0
CVE-2018-20394,Vantiva,0.02419,9.8,0.0,1.0,0.0,1.0,1,2018-12-23,0.0,,0.0,,,"Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:dwg849_firmware:stc0.01.16:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dwg849:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:dwg850-4_firmware:st9c.05.25:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dwg850-4:2.1:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:dwg855_firmware:st80.20.26:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dwg855:2.1:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:twg870_firmware:stb2.01.36:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:twg870:1.1:*:*:*:*:*:*:*']",0,0
CVE-2018-20438,Vantiva,0.01404,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:tc7110.ar_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7110.ar:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20439,Vantiva,0.00515,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:dpc3928sl_firmware:d3928sl-psip-13-a010-c3420r55105-170214a:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:dpc3928sl:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20440,Vantiva,0.01404,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:cwa0101_firmware:cwa0101e-a23e-c7000r5712-170315-skc:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:cwa0101:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20441,Vantiva,0.01404,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:tc7200.th2v2_firmware:sc05.00.22:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7200.th2v2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20442,Vantiva,0.01404,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:tc7110.b_firmware:stc8.62.02:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7110.b:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20443,Vantiva,0.01404,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:tc7200.d1i_firmware:tc7200.d1ie-n23e-c7000r5712-170406-hat:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7200.d1i:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20444,Vantiva,0.00515,9.8,0.0,1.0,0.0,1.0,1,2018-12-25,0.0,,0.0,,,Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:technicolor:cga0111_firmware:cga0111e-es-13-e23e-c8000r5712-170217-0829-tru:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:cga0111:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8827,Vantiva,0.00323,6.1,0.0,1.0,0.0,1.0,1,2019-01-03,0.0,,0.0,,,"The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious user to embed JavaScript into the Log viewer interface via a crafted HTTP Referer header, aka XSS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:technicolor:tg789vac_firmware:16.3.7190-2761005-20161004084353:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tg789vac:2:*:*:*:*:*:*:*']",0,0
CVE-2019-19494,Vantiva,0.15168,8.8,0.0,1.0,0.0,1.0,1,2020-01-09,0.0,,0.0,,,"Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:3.428.0:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:4.83.0:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3686:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:cg3700emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:c6250emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7230_steb_firmware:01.25:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7230_steb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7284e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7284e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7486e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7486e:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19495,Vantiva,0.03213,9.8,0.0,1.0,0.0,1.0,1,2020-01-08,0.0,,0.0,,,"The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:technicolor:tc7230_steb_firmware:0.1.25:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7230_steb:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10376,Vantiva,0.01218,9.8,0.0,1.0,0.0,1.0,1,2020-03-11,0.0,,0.0,,,"Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an ""Authorization: Basic"" HTTP header.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-319'],"['cpe:2.3:o:technicolor:tc7337net_firmware:08.89.17.23.03:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7337net:-:*:*:*:*:*:*:*']",0,0
CVE-2020-11449,Vantiva,0.00485,7.5,0.0,1.0,0.0,1.0,1,2020-04-01,0.0,,0.0,,,"An issue was discovered on Technicolor TC7337 8.89.17 devices. An attacker can discover admin credentials in the backup file, aka backupsettings.conf.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-522'],"['cpe:2.3:o:technicolor:tc7337_firmware:8.89.17:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7337:-:*:*:*:*:*:*:*']",0,0
CVE-2018-25034,Vantiva,0.00084,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,"A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input ><script>alert(1)</script> as part of POST Request leads to basic cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-126695.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-80', 'CWE-79']","['cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*']",0,0
CVE-2018-25035,Vantiva,0.00073,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,"A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*']",0,0
CVE-2018-25036,Vantiva,0.00073,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*']",0,0
CVE-2018-25037,Vantiva,0.00073,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,A vulnerability was found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this issue is some unknown functionality of the file /goform/RgDdns. The manipulation of the argument DdnsHostName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*']",0,0
CVE-2018-25038,Vantiva,0.00073,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*']",0,0
CVE-2018-25039,Vantiva,0.00103,5.4,0.0,1.0,0.0,1.0,0,2022-06-12,0.0,,0.0,,,A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","['cpe:2.3:o:technicolor:thomson_tcw710_firmware:st5d.10.05:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:thomson_tcw710:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17523,Vantiva,0.00145,5.4,0.0,1.0,0.0,1.0,0,2019-11-13,0.0,,0.0,,,An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:technicolor:tc7300.b0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7300.b0_firmware:stfa.51.20:*:*:*:*:*:*:*']",0,0
CVE-2019-17524,Vantiva,0.00145,5.4,0.0,1.0,0.0,1.0,0,2019-11-13,0.0,,0.0,,,"An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the ""Connected Clients"" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:technicolor:tc7300.b0_firmware:stfa.51.20:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7300.b0:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18396,Vantiva,0.04831,7.2,1.0,1.0,0.0,1.0,0,2019-10-31,0.0,,0.0,,,An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mnt_ping.cgi. NOTE: This may overlap CVE-2017–14127.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:technicolor:td5130v2_firmware:oi_fw_v20:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:td5130v2:-:*:*:*:*:*:*:*']",1,0
CVE-2016-7830,Sony,0.00063,8.8,0.0,1.0,0.0,1.0,1,2017-06-09,1.0,2016-12-16,,,1.0,"Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:sony:pcs-xg100_firmware:1.50:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg100s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:pcs-xg100_firmware:1.42:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg100c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:pcs-xg77_firmware:1.50:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg77:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg77s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:pcs-xg77_firmware:1.42:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xg77c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:pcs-xc1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:pcs-xc1:-:*:*:*:*:*:*:*']",0,0
CVE-2016-7834,Sony,0.00153,8.8,0.0,1.0,0.0,0.0,1,2017-04-13,1.0,2016-12-26,,,1.0,"SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. This may allow an attacker on the same local network segment to login to the device with administrative privileges and perform operations on the device.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-200'],"['cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-cx600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-cx600w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb602r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb632r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em601:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602rc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em631:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632rc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb600b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb600b5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb600l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb6305:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb6307:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb632d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vb635:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm600b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm600b5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm600l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm601:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm601b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm602r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm6305:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm6307:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm631:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-vm632r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr602c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr602cl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-wr632c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-xm631:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-xm631l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-xm632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-xm636:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-xm637:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ch115:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ch120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ch160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ch220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ch260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh120t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh220t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-dh260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ep520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ep521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ep550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-ep580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er521c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er585:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-er585h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-zb550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-zm550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-zm551:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-zp550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-zr550:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2275,Sony,0.00104,7.2,0.0,1.0,0.0,1.0,1,2017-07-22,0.0,,1.0,2017-07-19,,WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:sony:wg-c10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wg-c10:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2276,Sony,0.0009,7.2,0.0,1.0,0.0,1.0,1,2017-07-22,0.0,,1.0,2017-07-19,,Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-119'],"['cpe:2.3:o:sony:wg-c10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wg-c10:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2277,Sony,0.00202,9.1,0.0,1.0,0.0,1.0,1,2017-07-22,0.0,,1.0,2017-07-19,,WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:h:sony:wg-c10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wg-c10_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-2286,Sony,0.00059,7.8,0.0,1.0,0.0,1.0,1,2017-08-02,1.0,2017-07-28,,,1.0,"Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:h:sony:rc-s310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s370:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s380:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s380\\/s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s310\\/ed4c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s310\\/j1c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:rc-s320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:nfc_port_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:pc\\/sc_activator_for_type_b:*:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:sfcard_viewer_2:2.5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:nfc_net_installer:*:*:*:*:*:*:*:*']",0,0
CVE-2018-14983,Sony,0.00042,5.5,0.0,1.0,0.0,1.0,1,2019-04-25,0.0,,0.0,,,"The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by Sony or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage. The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:o:sony:xperia_l1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_l1:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3937,Sony,0.00554,7.2,0.0,1.0,0.0,1.0,1,2018-08-14,1.0,2018-07-19,,,1.0,An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:sony:snc-eb600_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb630_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb600b_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb630b_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb602r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb602r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb632r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb632r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em600_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em601_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em601:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em630_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em631_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em631:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em602r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em632r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em602rc_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602rc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em632rc_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3938,Sony,0.01499,10.0,0.0,1.0,0.0,1.0,1,2018-08-14,1.0,2018-07-19,,,1.0,"An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-787'],"['cpe:2.3:o:sony:snc-eb600_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb630_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb600b_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb600b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb630b_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb630b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb602r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb602r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-eb632r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-eb632r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em600_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em601_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em601:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em630_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em631_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em631:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em602r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em632r_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em602rc_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em602rc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:snc-em632rc_firmware:1.87.00:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:snc-em632rc:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11889,Sony,0.02267,7.5,0.0,1.0,0.0,1.0,1,2019-07-09,0.0,,0.0,,,Sony BRAVIA Smart TV devices allow remote attackers to cause a denial of service (device hang) via a crafted web page over HbbTV.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:sony:bravia_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:bravia:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11890,Sony,0.01819,7.5,0.0,1.0,0.0,1.0,1,2019-07-09,0.0,,0.0,,,Sony Bravia Smart TV devices allow remote attackers to cause a denial of service (device hang or reboot) via a SYN flood attack over a wired or Wi-Fi LAN.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:sony:bravia_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:bravia:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12762,Sony,0.00044,4.2,0.0,1.0,0.0,1.0,1,2019-06-06,0.0,,0.0,,,"Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.",CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.5,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*', 'cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:nexus_9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sharp:aquos_zeta_sh-04f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sharp:aquos_zeta_sh-04f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15416,Sony,0.00044,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Sony keyaki_kddi Android device with a build fingerprint of Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys contains a pre-installed app with a package name of com.kddi.android.packageinstaller app (versionCode=70008, versionName=08.10.03) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:sony:xperia_xzs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_xzs:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15743,Sony,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-610'],"['cpe:2.3:o:sony:xperia_touch_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_touch:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10891,Sony,0.00059,7.8,0.0,0.0,1.0,0.0,0,2017-12-01,1.0,2017-12-13,,,0.0,Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sony:media_go:*:*:*:*:*:*:*:*'],0,0
CVE-2017-10892,Sony,0.00059,7.8,0.0,0.0,1.0,0.0,0,2017-12-01,1.0,2017-12-13,,,0.0,Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sony:music_center:1.0.00:*:*:*:*:*:*:*'],0,0
CVE-2017-10909,Sony,0.00059,7.8,0.0,0.0,1.0,0.0,0,2017-12-22,1.0,2017-12-22,,,1.0,Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sony:music_center:*:*:*:*:*:*:*:*'],0,0
CVE-2017-17010,Sony,0.00059,7.8,0.0,0.0,1.0,0.0,0,2017-12-27,1.0,2017-12-22,,,1.0,Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sony:content_manager_assistant:*:*:*:*:*:*:playstation:*'],0,0
CVE-2017-2287,Sony,0.00059,7.8,0.0,0.0,1.0,0.0,0,2017-08-02,1.0,2017-07-27,,,1.0,Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:sony:nfc_port_software_remover:*:*:*:*:*:*:*:*'],0,0
CVE-2018-0600,Sony,0.0007,7.8,0.0,0.0,1.0,0.0,0,2018-06-26,0.0,,1.0,2018-05-24,,Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],"['cpe:2.3:a:sony:playmemories_home:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0656,Sony,0.0007,7.8,0.0,0.0,1.0,0.0,0,2018-09-04,1.0,2018-08-21,,,1.0,Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:sony:digital_paper_app:*:*:*:*:*:*:*:*'],0,0
CVE-2018-0690,Sony,0.00159,7.5,0.0,0.0,1.0,0.0,0,2018-11-15,1.0,2018-10-11,,,1.0,An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.,CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:sony:music_center_for_pc:*:*:*:*:*:*:*:*'],0,0
CVE-2018-16593,Sony,0.00086,8.8,0.0,1.0,0.0,1.0,0,2019-06-19,1.0,2018-08-30,,,1.0,The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:sony:r5c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r500c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r503c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r505c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd65_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xe70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xf70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xf70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we613:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we615:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we665:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we665:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wf6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wf6:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16594,Sony,0.00073,8.1,0.0,1.0,0.0,1.0,0,2019-06-19,1.0,2018-08-30,,,1.0,The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-22'],"['cpe:2.3:o:sony:r5c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r500c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r503c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r505c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd65_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xe70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xf70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xf70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we613:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we615:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we665:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we665:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wf6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wf6:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16595,Sony,0.00066,6.5,0.0,1.0,0.0,1.0,0,2019-06-19,1.0,2018-08-30,,,1.0,The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.,CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-119'],"['cpe:2.3:o:sony:r5c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r500c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r503c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32r505c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r550c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r553c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48r555c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd751:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd756:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49wd759:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wd65_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd653:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-48wd655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xe70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-43xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-49xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7073:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7077:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-55xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7002:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7003:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7004:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7093:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kd-65xe7096:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:xf70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xf70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we75_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-43we755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we754:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:we6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we613:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-32we615:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-40we665:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-49we665:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wf6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wf6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10844,Sony,0.00186,9.8,0.0,0.0,1.0,0.0,0,2019-04-04,0.0,,0.0,,,"nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:sony:neural_network_libraries:*:*:*:*:*:*:*:*'],0,0
CVE-2019-10886,Sony,0.00255,5.9,0.0,1.0,1.0,0.0,0,2019-04-19,1.0,2019-04-12,,,1.0,An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-306'],"['cpe:2.3:h:sony:kdl-50w800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w820c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-55w800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-55w805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-75w850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-75w855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:x7500d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-100z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x800d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x830c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x700d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x830c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x835c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x835d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x837c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x839c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x700d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x806e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x810c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x900c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x905c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x907c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x930d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x930e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x750d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x810c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x900c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x905c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x907c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x935d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x937d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x910c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x945c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-77a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sony:photo_sharing_plus:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11336,Sony,0.00541,8.1,0.0,1.0,1.0,0.0,0,2019-05-14,1.0,2019-04-12,,,1.0,"Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-532'],"['cpe:2.3:a:sony:photo_sharing_plus:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-50w820c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-55w800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-55w805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-65w857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-75w850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:kdl-75w855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:x7500d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-100z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x800d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-43x830c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x700d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x830c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x835c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x835d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x837c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x839c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-49x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x700d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x800e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x806e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x810c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x900c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x905c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x907c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x930d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-55x930e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x750d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x800c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x805c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x807c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x810c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x850e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x857c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x900c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x905c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x907c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x930e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x935d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65x937d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-65z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x850e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x855c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x857d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x910c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x940e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75x945c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-75z9d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-77a1e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x850d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x855d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xbr-85x857d:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15744,Sony,0.00044,3.3,0.0,1.0,0.0,1.0,0,2019-11-14,0.0,,0.0,,,"The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413005, versionName=1.3.0) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-610'],"['cpe:2.3:o:sony:xperia_xzs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:xperia_xzs:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19364,Sony,0.00091,7.8,0.0,0.0,1.0,0.0,0,2019-12-04,0.0,,0.0,,,"A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:sony:catalyst_browse:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sony:catalyst_production_suite:*:*:*:*:*:*:*:*']",0,0
CVE-2019-5981,Sony,0.0007,7.8,0.0,0.0,1.0,0.0,0,2019-07-05,1.0,2019-06-26,,,1.0,Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:sony:vaio_update:*:*:*:*:*:*:*:*'],0,0
CVE-2019-5982,Sony,0.00136,7.5,0.0,0.0,1.0,0.0,0,2019-07-05,1.0,2019-06-26,,,1.0,Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.,CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-494'],['cpe:2.3:a:sony:vaio_update:*:*:*:*:*:*:*:*'],0,0
CVE-2020-5589,Sony,0.00077,8.8,0.0,1.0,0.0,1.0,0,2020-06-09,1.0,2020-06-23,,,0.0,"SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone within the Bluetooth range can make the Bluetooth pairing and operate such as changing volume of the product.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:h:sony:wf-1000x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wf-1000x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wf-sp700n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wf-sp700n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-1000xm2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-1000xm2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-1000xm3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-1000xm3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-ch700n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-ch700n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-h900n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-h900n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-xb700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-xb700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wh-xb900n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wh-xb900n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wi-1000x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wi-1000x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wi-c600n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wi-c600n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:wi-sp600n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:wi-sp600n:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20793,Sony,0.00164,7.8,0.0,0.0,1.0,0.0,0,2021-08-26,1.0,2021-08-24,,,1.0,Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:sony:audio_usb_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sony:hap_music_transfer:*:*:*:*:*:*:*:*']",0,0
CVE-2021-38544,Sony,0.00522,5.9,0.0,1.0,0.0,1.0,0,2021-08-11,0.0,,0.0,,,"Sony SRS-XB33 and SRS-XB43 devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a ""Glowworm"" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a device's power indicator LED is correlative to the power consumption. The sound played by the speakers affects their power consumption and as a result is also correlative to the light intensity of the LEDs. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LEDs of the speakers, we can recover the sound played by them.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:sony:srs-xb33_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:srs-xb33:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sony:srs-xb43_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sony:srs-xb43:-:*:*:*:*:*:*:*']",0,0
CVE-2022-41796,Sony,0.00068,7.8,0.0,0.0,1.0,0.0,0,2022-10-24,0.0,,1.0,2022-10-11,,Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:sony:content_transfer:*:*:*:*:*:windows:*:*'],0,0
CVE-2016-8731,Foscam,0.00192,9.8,0.0,1.0,0.0,1.0,1,2017-06-21,0.0,,0.0,,,Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:foscam:c1_webcam_firmware:1.9.1.12:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_webcam:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2805,Foscam,0.00179,9.8,0.0,1.0,0.0,1.0,1,2017-06-21,0.0,,0.0,,,An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simply send an http request to the device to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:foscam:c1_hd_indoor_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_hd_indoor_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2828,Foscam,0.00113,8.8,0.0,0.0,0.0,1.0,1,2017-06-21,0.0,,0.0,,,An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2830,Foscam,0.00178,7.5,0.0,0.0,0.0,1.0,1,2017-06-21,0.0,,0.0,,,An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2831,Foscam,0.00178,7.5,0.0,0.0,0.0,1.0,1,2017-06-21,0.0,,0.0,,,An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2832,Foscam,0.00066,7.2,0.0,1.0,0.0,1.0,1,2018-04-24,0.0,,0.0,,,An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:o:foscam:c1_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2842,Foscam,0.0013,8.8,0.0,0.0,0.0,1.0,1,2017-06-27,0.0,,0.0,,,"In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the ""msmtprc"" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2844,Foscam,0.0013,8.8,0.0,0.0,0.0,1.0,1,2017-06-29,0.0,,0.0,,,"In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the ""msmtprc"" configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:foscam:c1_indoor_hd_camera_firmware:2.52.2.37:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_indoor_hd_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2854,Foscam,0.00293,8.1,0.0,1.0,0.0,1.0,1,2018-09-17,0.0,,0.0,,,"An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-120'],"['cpe:2.3:o:foscam:c1_firmware:2.52.2.43:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2856,Foscam,0.00293,8.1,0.0,1.0,0.0,1.0,1,2018-09-17,0.0,,0.0,,,"An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue HTTP server.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-120'],"['cpe:2.3:o:foscam:c1_firmware:2.52.2.43:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2874,Foscam,0.00231,7.5,0.0,1.0,0.0,1.0,1,2018-09-17,0.0,,0.0,,,An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:foscam:c1_firmware:2.52.2.43:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7648,Foscam,0.00323,8.1,0.0,1.0,0.0,0.0,1,2017-04-10,0.0,,0.0,,,"Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-798'],"['cpe:2.3:h:foscam:c1:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800xe:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828p:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9851p:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9853ep:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9901ep:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9903p:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9928p:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r2:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19064,Foscam,0.00659,9.8,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,"An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-521'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19067,Foscam,0.00659,9.8,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,"An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19068,Foscam,0.00061,4.9,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19070,Foscam,0.00993,7.2,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,"An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19072,Foscam,0.00042,5.5,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,"An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-732'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19074,Foscam,0.0011,7.5,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,"An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19077,Foscam,0.00267,7.5,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19080,Foscam,0.00083,6.1,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19081,Foscam,0.01861,9.8,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19082,Foscam,0.01097,9.8,0.0,1.0,0.0,1.0,1,2018-11-07,0.0,,0.0,,,An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:opticam:i5_application_firmware:2.21.1.128:*:*:*:*:*:*:*', 'cpe:2.3:o:opticam:i5_system_firmware:1.5.2.11:*:*:*:*:*:*:*', 'cpe:2.3:h:opticam:i5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_application_firmware:2.72.1.32:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_system_firmware:1.11.1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6830,Foscam,0.00247,7.5,0.0,1.0,0.0,1.0,1,2018-07-09,1.0,2018-05-17,,,1.0,"Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the URI path component.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821ep:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9851p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9851p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9815p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9815p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9815p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9815p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9816p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9816p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9816p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9816p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9961ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9961ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9900ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9900ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9901ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9901ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9928p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9928p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9853ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9853ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9851p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9851p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821w:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9818w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9818w:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9804w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9804w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9804p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9804p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828p_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-6832,Foscam,0.00384,7.5,0.0,1.0,0.0,1.0,1,2018-07-09,1.0,2018-05-17,,,1.0,"Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821ep:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c1_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c1_lite:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9800p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9800p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:3:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9851p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9851p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9815p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9815p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9815p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9815p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9816p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9816p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9816p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9816p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:r2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:r4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:c2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:c2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9961ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9961ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9900ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9900ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9901ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9901ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9928p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9928p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9853ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9853ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9803p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9803p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9851p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9851p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821ep_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821w:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9821p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9821p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9831p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9831p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9826p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9826p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9818w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9818w:2:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9804w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9804w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9804p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9804p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9805p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:fi9828p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9828p:2:*:*:*:*:*:*:*']",0,0
CVE-2022-28743,Foscam,0.00211,6.6,0.0,1.0,0.0,0.0,1,2022-04-21,1.0,2022-04-21,,,1.0,"Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running System FW <= 1.13.1.6, and Application FW <= 2.91.2.66, allows an authenticated remote attacker with administrator permissions to execute arbitrary remote code via a malicious firmware patch. The impact of this vulnerability is that the remote attacker could gain full remote access to the IP camera and the underlying Linux system with root permissions. With root access to the camera's Linux OS, an attacker could effectively change the code that is running, add backdoor access, or invade the privacy of the user by accessing the live camera stream.",CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.7,5.9,['CWE-367'],"['cpe:2.3:o:foscam:r2c_application_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:foscam:r2c_system_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:r2c:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28096,Foscam,0.00096,6.8,0.0,1.0,0.0,1.0,0,2020-12-28,0.0,,0.0,,,FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:foscammall:foscam_x1_firmware:1.14.2.4:*:*:*:*:*:*:*', 'cpe:2.3:h:foscammall:foscam_x1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43517,Foscam,0.00283,9.8,0.0,1.0,0.0,1.0,0,2022-04-08,0.0,,0.0,,,FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:foscam:fi9805e_firmware:4.02.r12.00018510.10012.143900.00000:*:*:*:*:*:*:*', 'cpe:2.3:h:foscam:fi9805e:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10677,Linksys,0.00112,8.8,0.0,0.0,0.0,1.0,1,2017-08-06,1.0,2017-08-03,,,1.0,"Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17411,Linksys,0.97407,9.8,1.0,1.0,0.0,0.0,1,2017-12-21,1.0,2017-12-18,,,1.0,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:linksys:wvbr0_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:wvbr0:-:*:*:*:*:*:*:*']",2,0
CVE-2018-17208,Linksys,0.01061,8.8,0.0,1.0,0.0,1.0,1,2018-09-19,0.0,,0.0,,,"Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). This occurs because shell metacharacters in the query string are mishandled by ShellExecute, as demonstrated by the zbtest.cgi?cmd=level&level= substring. This can also be exploited via CSRF.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:linksys:velop:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:velop_firmware:1.1.2.187020:*:*:*:*:*:*:*']",0,0
CVE-2018-3953,Linksys,0.00205,7.2,0.0,1.0,0.0,1.0,1,2018-10-17,1.0,2018-10-04,,,1.0,"Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAM. Data entered into the 'Router Name' input field through the web portal is submitted to apply.cgi as the value to the 'machine_name' POST parameter. When the 'preinit' binary receives the SIGHUP signal, it enters a code path that continues until it reaches offset 0x0042B5C4 in the 'start_lltd' function. Within the 'start_lltd' function, a 'nvram_get' call is used to obtain the value of the user-controlled 'machine_name' NVRAM entry. This value is then entered directly into a command intended to write the host name to a file and subsequently executed.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:linksys:e1200_firmware:2.0.09:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:e2500_firmware:3.0.04:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e2500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3954,Linksys,0.00205,7.2,0.0,1.0,0.0,1.0,1,2018-10-17,1.0,2018-10-04,,,1.0,Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAMData entered into the 'Router Name' input field through the web portal is submitted to apply.cgi as the value to the 'machine_name' POST parameter. When the 'preinit' binary receives the SIGHUP signal it enters a code path that calls a function named 'set_host_domain_name' from its libshared.so shared object.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:linksys:e1200_firmware:2.0.09:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:e2500_firmware:3.0.04:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e2500:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3955,Linksys,0.00227,7.2,0.0,1.0,0.0,1.0,1,2018-10-17,1.0,2018-10-04,,,1.0,"An exploitable operating system command injection exists in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04). Specially crafted entries to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send an authenticated HTTP request to trigger this vulnerability. Data entered into the 'Domain Name' input field through the web portal is submitted to apply.cgi as the value to the 'wan_domain' POST parameter. The wan_domain data goes through the nvram_set process described above. When the 'preinit' binary receives the SIGHUP signal it enters a code path that calls a function named 'set_host_domain_name' from its libshared.so shared object.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:linksys:e1200_firmware:2.0.09:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:e2500_firmware:3.0.04:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e2500:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11535,Linksys,0.00794,9.8,0.0,1.0,0.0,1.0,1,2019-07-17,1.0,2019-05-16,,,1.0,Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:linksys:re6400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6400:1:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:re6300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6300:1:*:*:*:*:*:*:*']",0,0
CVE-2019-16340,Linksys,0.00942,9.8,0.0,1.0,0.0,1.0,1,2019-11-21,1.0,2019-07-22,,,1.0,Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-425'],"['cpe:2.3:o:linksys:velop_whw0303_firmware:1.1.8.192419:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:velop_whw0303:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:velop_whw0302_firmware:1.1.8.192419:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:velop_whw0302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linksys:velop_whw0301_firmware:1.1.8.192419:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:velop_whw0301:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7311,Linksys,0.00046,7.8,0.0,1.0,0.0,1.0,1,2019-06-06,0.0,,0.0,,,"An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie (admin-auth) is stored on a victim's computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the victim's router. The admin password is stored in base64 cleartext in an ""admin-auth"" cookie. An attacker sniffing the network at the time of login could acquire the router's admin password. Alternatively, gaining physical access to the victim's computer soon after an administrative login could result in compromise.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-311'],"['cpe:2.3:o:linksys:wrt1900acs_firmware:1.0.3.187766:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:wrt1900acs:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7579,Linksys,0.00365,7.5,0.0,1.0,0.0,1.0,1,2019-06-17,0.0,,0.0,,,"An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. An ability exists for an unauthenticated user to browse a confidential ui/1.0.99.187766/dynamic/js/setup.js.localized file on the router's webserver, allowing for an attacker to identify possible passwords that the system uses to set the default guest network password. An attacker can use this list of 30 words along with a random 2 digit number to brute force their access onto a router's guest network.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:o:linksys:wrt1900acs_firmware:1.0.3.187766:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:wrt1900acs:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35713,Linksys,0.95916,9.8,0.0,1.0,0.0,1.0,1,2020-12-26,1.0,2020-06-24,,,1.0,Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35714,Linksys,0.00942,8.8,0.0,1.0,0.0,1.0,1,2020-12-26,1.0,2020-06-24,,,1.0,Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35715,Linksys,0.00942,8.8,0.0,1.0,0.0,1.0,1,2020-12-26,1.0,2020-06-24,,,1.0,Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35716,Linksys,0.00515,7.5,0.0,1.0,0.0,1.0,1,2020-12-26,1.0,2020-06-24,,,1.0,Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24372,Linksys,0.00088,4.6,0.0,1.0,0.0,1.0,1,2022-04-27,0.0,,0.0,,,Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,['CWE-59'],"['cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:mr9600:-:*:*:*:*:*:*:*']",0,0
CVE-2022-38555,Linksys,0.00214,9.8,0.0,1.0,0.0,1.0,1,2022-08-28,0.0,,0.0,,,Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:linksys:e1200_firmware:1.0.04:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e1200:-:*:*:*:*:*:*:*']",0,0
CVE-2022-35572,Linksys,0.00205,7.5,0.0,1.0,0.0,1.0,0,2022-09-12,0.0,,0.0,,,"On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. This web page calls a show_sysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS Pins, and hardware/firmware versions, and prints this information into the web page. This web page is visible when remote management is enabled. A user who has access to the web interface of the device can extract these secrets. If the device has remote management enabled and is connected directly to the internet, this vulnerability is exploitable over the internet without interaction.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:linksys:e5350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:linksys:e5350:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10930,ZTE,0.00245,9.8,0.0,1.0,0.0,1.0,1,2017-09-19,1.0,2017-08-10,,,1.0,"The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-552'],"['cpe:2.3:o:zte:zxr10_1800-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxr10_1800-2s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10931,ZTE,0.0019,7.5,0.0,1.0,0.0,1.0,1,2017-09-19,1.0,2017-08-10,,,1.0,"The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:zte:zxr10_1800-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxr10_1800-2s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-10937,ZTE,0.00112,7.5,0.0,1.0,0.0,1.0,1,2018-07-25,1.0,2017-12-08,,,1.0,"SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-89'],"['cpe:2.3:o:zte:zxiptv-ucm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxiptv-ucm:-:*:*:*:*:*:*:*']",0,0
CVE-2017-3216,ZTE,0.00754,9.8,0.0,1.0,0.0,1.0,1,2017-06-20,0.0,,1.0,2017-07-24,,"WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:greenpacket:ox350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:greenpacket:ox350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bm2022_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bm2022:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-309m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-309m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-319m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-319m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-319m2w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-319m2w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hes-339m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hes-339m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mada:soho_wireless_router_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mada:soho_wireless_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:ox-330p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:ox-330p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218m1w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218m1w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max218mw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max218mw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max308m_fimware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max308m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max318m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max318m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zyxel:max338m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:max338m:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7355,ZTE,0.00124,6.1,1.0,1.0,0.0,1.0,1,2018-09-26,0.0,,1.0,2018-09-10,,"All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. Due to improper neutralization of input during web page generation, an attacker could exploit this vulnerability to conduct reflected XSS or HTML injection attacks on the devices.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zte:mf65_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf65m1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf65m1:-:*:*:*:*:*:*:*']",1,0
CVE-2018-7356,ZTE,0.00169,7.5,0.0,1.0,0.0,1.0,1,2018-11-01,1.0,2018-10-31,,,1.0,"All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-294'],"['cpe:2.3:o:zte:zxr10_8905e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxr10_8905e:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7357,ZTE,0.16016,8.8,1.0,1.0,0.0,1.0,1,2018-11-14,1.0,2018-11-13,,,1.0,"ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper access control vulnerability, which may allow an unauthorized user to gain unauthorized access.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*']",1,1
CVE-2018-7360,ZTE,0.0012,6.5,0.0,1.0,0.0,0.0,1,2018-11-16,1.0,2019-01-29,,,0.0,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by information exposure vulnerability, which may allow an unauthenticated attacker to get the GPON SN information via appviahttp service.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7361,ZTE,0.001,6.5,0.0,1.0,0.0,1.0,1,2018-11-16,1.0,2019-01-29,,,0.0,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by null pointer dereference vulnerability, which may allows an attacker to cause a denial of service via appviahttp service.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],"['cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7362,ZTE,0.00077,8.8,0.0,1.0,0.0,0.0,1,2018-11-16,1.0,2019-01-29,,,0.0,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control vulnerability, which may allows an unauthorized user to perform unauthorized operations on the router.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-284'],"['cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7363,ZTE,0.0012,8.8,0.0,1.0,0.0,0.0,1,2018-11-16,1.0,2019-01-29,,,0.0,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-863'],"['cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3418,ZTE,0.00054,5.4,0.0,1.0,0.0,1.0,1,2019-08-15,1.0,2019-02-01,,,1.0,"All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:zte:zxhn_f670_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3420,ZTE,0.0012,6.5,0.0,1.0,0.0,1.0,1,2019-11-13,1.0,2019-11-12,,,1.0,All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impacted by an information leak vulnerability. An attacker could exploit the vulnerability to obtain sensitive information and perform unauthorized operations.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxhn_h108n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_h108n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3422,ZTE,0.01086,6.2,0.0,1.0,0.0,1.0,1,2019-11-07,0.0,,1.0,2019-11-05,,"The Sec Consult Security Lab reported an information disclosure vulnerability in MF910S product to ZTE PSIRT in October 2019. Through the analysis of related product team, the information disclosure vulnerability is confirmed. The MF910S product's one-click upgrade tool can obtain the Telnet remote login password in the reverse way. If Telnet is opened, the attacker can remotely log in to the device through the cracked password, resulting in information leakage. The MF910S was end of service on October 23, 2019, ZTE recommends users to choose new products for the purpose of better security.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.5,3.6,['CWE-200'],"['cpe:2.3:h:zte:mf910s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf910s_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3423,ZTE,0.00096,5.3,0.0,1.0,0.0,1.0,1,2019-11-18,1.0,2019-11-15,,,1.0,"permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-22'],"['cpe:2.3:h:ztehome:c520v21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ztehome:c520v21_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-6863,ZTE,0.001,6.5,0.0,1.0,0.0,1.0,1,2020-02-27,1.0,2020-02-27,,,1.0,ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers could use this vulnerability to tamper with DDNS parameters and send DoS attacks on the specified URL.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:e8820v3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:e8820v3:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6868,ZTE,0.001,6.5,0.0,1.0,0.0,1.0,1,2020-06-01,1.0,2020-05-08,,,1.0,"There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypass the limitation. An attacker can exploit the vulnerability to tamper with the parameter value. This affects: ZTE F680 V9.0.10P1N6",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:h:zte:f680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:f680_firmware:zxhn_f680v9.0.10p1n6:*:*:*:*:*:*:*']",0,0
CVE-2020-6872,ZTE,0.00078,6.1,0.0,1.0,0.0,0.0,1,2020-07-20,1.0,2020-07-18,,,1.0,"The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects <R5300G4V03.08.0100/V03.07.0300/V03.07.0200/V03.07.0108/V03.07.0100/V03.05.0047/V03.05.0046/V03.05.0045/V03.05.0044/V03.05.0043/V03.05.0040/V03.04.0020;R8500G4V03.07.0103/V03.07.0101/V03.06.0100/V03.05.0400/V03.05.0020;R5500G4V03.08.0100/V03.07.0200/V03.07.0100/V03.06.0100>.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zte:r8500g4_firmware:03.05.0020:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r8500g4_firmware:03.05.0400:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r8500g4_firmware:03.06.0100:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r8500g4_firmware:03.07.0101:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r8500g4_firmware:03.07.0103:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:r8500g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5500g4_firmware:03.06.0100:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5500g4_firmware:03.07.0100:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5500g4_firmware:03.07.0200:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5500g4_firmware:03.08.0100:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:r5500g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.04.0020:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0040:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0043:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0044:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0045:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0046:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.05.0047:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.07.0100:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.07.0108:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.07.0200:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.07.0300:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:r5300g4_firmware:03.08.0100:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:r5300g4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6882,ZTE,0.00456,7.5,0.0,1.0,0.0,1.0,1,2020-12-21,1.0,2021-07-02,,,0.0,"ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:o:zte:zxhn_e8810_firmware:1.0.26:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8810_firmware:2.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8820_firmware:1.1.3:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8820_firmware:2.0.13:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8822_firmware:2.0.13:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8822:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21740,ZTE,0.00058,2.4,0.0,1.0,0.0,1.0,1,2021-08-09,1.0,2021-08-04,,,1.0,"There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,LOW,0.9,1.4,['CWE-59'],"['cpe:2.3:h:zte:zxhn_h2640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_h2640_firmware:10.0.0c6_ty:*:*:*:*:*:*:*']",0,0
CVE-2021-21741,ZTE,0.00837,9.8,0.0,0.0,0.0,1.0,1,2021-08-30,1.0,2021-08-30,,,1.0,"There is a command execution vulnerability in a ZTE conference management system. As some services are enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending specific serialization command.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-502'],"['cpe:2.3:o:zte:zxv10_m910_firmware:1.2.16.01u01.01:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_m910_firmware:1.2.19.01u01.01:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_m910_firmware:1.2.20.01u01.01:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_m910_firmware:1.2.21.01.04:p01:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_m910:*:*:*:*:*:*:*:*']",0,0
CVE-2021-21743,ZTE,0.00315,4.3,0.0,0.0,0.0,1.0,1,2021-10-20,1.0,2021-10-15,,,1.0,ZTE MF971R product has a CRLF injection vulnerability. An attacker could exploit the vulnerability to modify the HTTP response header information through a specially crafted HTTP request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE,MEDIUM,2.8,1.4,['CWE-74'],"['cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:1v1.0.0b06:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:s2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:sv1.0.0b05:*:*:*:*:*:*:*']",0,0
CVE-2021-21746,ZTE,0.00078,6.1,0.0,0.0,0.0,1.0,1,2021-10-20,1.0,2021-10-15,,,1.0,ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:1v1.0.0b06:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:s2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:sv1.0.0b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*']",0,0
CVE-2021-21747,ZTE,0.00078,6.1,0.0,0.0,0.0,1.0,1,2021-10-20,1.0,2021-10-15,,,1.0,ZTE MF971R product has reflective XSS vulnerability. An attacker could use the vulnerability to obtain cookie information.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:1v1.0.0b06:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:s2v1.0.0b03:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:mf971r_firmware:sv1.0.0b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf971r:*:*:*:*:*:*:*:*']",0,0
CVE-2022-23139,ZTE,0.00087,8.8,0.0,1.0,0.0,1.0,1,2022-05-12,1.0,2022-05-12,,,1.0,"ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder permission viewed by sftp is 666, which is inconsistent with the actual permission. It’s easy for?users to?ignore the modification?of?the file permission configuration, so that low-authority accounts could actually obtain higher operating permissions on key files.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-863'],"['cpe:2.3:o:zte:zxmp_m721_firmware:5.10.030.006:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxmp_m721:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7364,ZTE,0.01786,9.8,0.0,0.0,1.0,0.0,0,2018-12-07,1.0,2018-12-07,,,1.0,"All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['NVD-CWE-Other', 'CWE-284']",['cpe:2.3:a:zte:zxin10:*:*:*:*:*:*:*:*'],0,0
CVE-2018-7365,ZTE,0.00104,7.2,0.0,0.0,1.0,0.0,0,2018-12-20,1.0,2018-12-19,,,1.0,"All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-426'],"['cpe:2.3:a:zte:zxcloud_irai:*:*:*:*:*:*:*:*', 'cpe:2.3:a:zte:usmartview:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7366,ZTE,0.00118,6.8,0.0,1.0,0.0,1.0,0,2018-12-28,1.0,2018-12-26,,,1.0,"ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authentication bypass vulnerability, which may allows an unauthorized user to perform unauthorized operations.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-863'],"['cpe:2.3:o:zte:zxv10_b860av2.1_chinamobile_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_b860av2.1_chinamobile:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_b860av2.1_chinamobile_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_b860av2.1_chinamobile:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_b860av2.1_chinamobile_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_b860av2.1_chinamobile:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_b860av2.1_chinamobile:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxv10_b860av2.1_chinamobile_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-3419,ZTE,0.00075,5.7,0.0,1.0,0.0,1.0,0,2019-10-31,1.0,2019-09-29,,,1.0,A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.1,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxmp_m721_dx_firmware:zxmp_m721v3.10p01b10_m2ncp:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxmp_m721_dx:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3425,ZTE,0.00236,8.8,0.0,1.0,0.0,1.0,0,2019-11-08,1.0,2019-10-31,,,1.0,"The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-732'],"['cpe:2.3:o:zte:zxupn-9000e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxupn-9000e:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3426,ZTE,0.00199,8.8,0.0,1.0,0.0,1.0,0,2019-11-08,1.0,2019-10-31,,,1.0,"The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by the input validation vulnerability. An attacker could exploit this vulnerability for unauthorized operations.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-20'],"['cpe:2.3:o:zte:zxupn-9000e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxupn-9000e:-:*:*:*:*:*:*:*']",0,0
CVE-2019-3429,ZTE,0.00084,5.3,0.0,0.0,1.0,0.0,0,2019-12-23,1.0,2019-12-18,,,1.0,"All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have a file reading vulnerability. Attackers could obtain log file information without authorization, causing the disclosure of sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-532'],['cpe:2.3:a:zte:zxcloud_goldendata_vap:*:*:*:*:*:*:*:*'],0,0
CVE-2019-3431,ZTE,0.0015,9.8,0.0,0.0,1.0,0.0,0,2019-12-23,1.0,2019-12-18,,,1.0,All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. Attackers could sniff unencrypted account and password through the network for front-end system access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-311'],['cpe:2.3:a:zte:zxcloud_goldendata_vap:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6866,ZTE,0.00081,4.9,0.0,1.0,0.0,1.0,0,2020-04-30,1.0,2020-04-23,,,1.0,A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 6500 version V2.10.00R3B87.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxctn_6500_firmware:2.10.00r3b87:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxctn_6500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6869,ZTE,0.00065,8.1,0.0,0.0,1.0,0.0,0,2020-06-17,1.0,2020-06-17,,,1.0,All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['NVD-CWE-noinfo'],['cpe:2.3:a:zte:ztemarket_apk:*:*:*:*:*:*:*:*'],0,0
CVE-2020-6873,ZTE,0.00169,5.3,0.0,1.0,0.0,0.0,0,2020-09-01,1.0,2020-08-17,,,1.0,"A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxr10_2800-4_almpufb\\(low\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxr10_2800-4_almpufb\\(low\\):-:*:*:*:*:*:*:*']",0,0
CVE-2020-6874,ZTE,0.00516,9.1,0.0,1.0,0.0,1.0,0,2020-09-01,1.0,2020-08-25,,,1.0,"A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV, ZXIPTV-WEB-PV5.09.08.04.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-327'],"['cpe:2.3:o:zte:zxiptv_firmware:zxiptv-web-pv5.09.08.04:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxiptv:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6875,ZTE,0.00263,9.8,0.0,1.0,0.0,1.0,0,2020-10-05,1.0,2020-09-24,,,1.0,"A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:h:zte:zxone_19700_snpe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxone_19700_snpe_firmware:zxone8700v1.40r2b13_snpe:*:*:*:*:*:*:*']",0,0
CVE-2020-6876,ZTE,0.00066,5.4,0.0,0.0,1.0,0.0,0,2020-10-26,1.0,2020-10-26,,,1.0,"A ZTE product is impacted by an XSS vulnerability. The vulnerability is caused by the lack of correct verification of client data in the WEB module. By inserting malicious scripts into the web module, a remote attacker could trigger an XSS attack when the user browses the web page. Then the attacker could use the vulnerability to steal user cookies or destroy the page structure. This affects: eVDC ZXCLOUD-iROSV6.03.04",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:zte:evdc:zxcloud-irosv6.03.04:*:*:*:*:*:*:*'],0,0
CVE-2020-6877,ZTE,0.00104,8.8,0.0,1.0,0.0,1.0,0,2020-11-05,1.0,2020-11-05,,,1.0,A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxa10_eodn_firmware:2.3p2t1:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_eodn:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6879,ZTE,0.00075,3.5,0.0,1.0,0.0,1.0,0,2020-11-19,1.0,2020-11-13,,,1.0,"Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by constructing a POST request message and sending the request to the creation of a static routing rule configuration interface. The WEB service backend fails to effectively verify the abnormal input. As a result, the attacker can successfully use the vulnerability to tamper parameter values. This affects: ZXHN Z500 V1.0.0.2B1.1000 and ZXHN F670L V1.1.10P1N2E. This is fixed in ZXHN Z500 V1.0.1.1B1.1000 and ZXHN F670L V1.1.10P2N2.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,2.1,1.4,['CWE-20'],"['cpe:2.3:h:zte:zxhn_z500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_z500_firmware:v1.0.0.2b1.1000:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f670l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_f670l_firmware:v1.1.10p1n2e:*:*:*:*:*:*:*']",0,0
CVE-2020-6881,ZTE,0.00206,7.5,0.0,1.0,0.0,1.0,0,2020-12-21,1.0,2021-07-02,,,0.0,"ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13>",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-346'],"['cpe:2.3:o:zte:zxhn_e8810_firmware:1.0.26:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8810_firmware:2.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8820_firmware:1.1.3:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8820_firmware:2.0.13:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_e8822_firmware:2.0.13:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_e8822:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21739,ZTE,0.00058,4.6,0.0,1.0,0.0,1.0,0,2021-08-05,1.0,2021-07-28,,,1.0,"A ZTE's product of the transport network access layer has a security vulnerability. Because the system does not sufficiently verify the data reliability, attackers could replace an authenticated optical module on the equipment with an unauthenticated one, bypassing system authentication and detection, thus affecting signal transmission. This affects: <ZXCTN 6120H><V5.10.00B24>",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.9,3.6,['CWE-345'],"['cpe:2.3:o:zte:zxctn_6120h_firmware:5.10.00b24:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxctn_6120h:-:*:*:*:*:*:*:*']",0,0
CVE-2021-21742,ZTE,0.00065,5.5,0.0,0.0,1.0,0.0,0,2021-09-25,1.0,2021-09-24,,,1.0,"There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-Other'],['cpe:2.3:a:zte:axon_30_pro_message_service:5.3.1.2103091059:*:*:*:*:*:*:*'],0,0
CVE-2022-23135,ZTE,0.00127,6.5,0.0,1.0,0.0,1.0,0,2022-02-24,1.0,2022-02-23,,,1.0,"There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modify the system path contents without authorization, which will cause information leak and affect device operation.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,HIGH,MEDIUM,1.2,5.2,['CWE-22'],"['cpe:2.3:o:zte:zxhn_f677_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f677:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxhn_f477_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f477:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23136,ZTE,0.00054,5.4,0.0,1.0,0.0,1.0,0,2022-03-30,1.0,2022-03-30,,,1.0,There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:zte:zxhn_f680_firmware:6.0.10p3n20:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxhn_f680:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23137,ZTE,0.00072,6.1,0.0,1.0,0.0,1.0,0,2022-05-11,1.0,2022-05-10,,,1.0,"ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:zte:zxcdn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxcdn:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23138,ZTE,0.0015,7.5,0.0,1.0,0.0,1.0,0,2022-06-09,1.0,2022-06-09,,,1.0,"ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-330'],"['cpe:2.3:o:zte:mf297d_firmware:mf297d_nordic1_b05:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:mf297d:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23142,ZTE,0.00079,5.3,0.0,1.0,0.0,1.0,0,2022-07-18,1.0,2022-07-18,,,1.0,"ZXEN CG200 has a DoS vulnerability. An attacker could construct and send a large number of HTTP GET requests in a short time, which can make the product management websites not accessible.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:zte:zxen_cg200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxen_cg200:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23144,ZTE,0.00108,9.1,0.0,1.0,0.0,1.0,0,2022-09-23,1.0,2022-09-19,,,1.0,"There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this vulnerability to delete the default application type, which affects normal use of system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['NVD-CWE-Other'],"['cpe:2.3:o:zte:zxa10_b76hv3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b76hv3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b766v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b766v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b800v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b800v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b860av2.1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b860av2.1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b860h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b860h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b866v2-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b866v2-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b866v5-w10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b866v5-w10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b960gv1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b960gv1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b710c-a12_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b710c-a12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b710s2-a19_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b710s2-a19:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b836ct-a15_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b836ct-a15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_s100v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_s100v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_s200a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_s200a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_s200t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_s200t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:zte:zxa10_b700v7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxa10_b700v7:-:*:*:*:*:*:*:*']",0,0
CVE-2017-11344,Asus,0.01835,7.8,0.0,1.0,0.0,1.0,1,2017-07-17,0.0,,0.0,,,"Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*']",0,0
CVE-2017-11345,Asus,0.01835,7.8,0.0,1.0,0.0,1.0,1,2017-07-17,0.0,,0.0,,,"Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*']",0,0
CVE-2017-11420,Asus,0.03838,9.8,0.0,1.0,0.0,1.0,1,2017-07-18,0.0,,0.0,,,"Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12590,Asus,0.00088,6.1,0.0,1.0,0.0,0.0,1,2018-03-16,1.0,2018-03-16,,,1.0,"ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the ""flag"" parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:asus:rt-n14uhp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-n14uhp:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12754,Asus,0.00783,8.8,0.0,1.0,0.0,1.0,1,2017-08-09,0.0,,0.0,,,"Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.67_0RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by sending a crafted http GET request packet that includes a long delete_offline_client parameter in the url.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:asuswrt-merlin:asuswrt-merlin:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac51u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac52u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac53:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac55u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac56u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac66u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n12\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n12d1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n12hp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n12hp_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n18u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n56u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt-n66u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt_ac1200g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt_ac1200gu:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt_ac1900p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin:rt_n12\\+_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15656,Asus,0.00119,8.8,0.0,0.0,0.0,1.0,1,2018-01-31,0.0,,1.0,2017-09-18,,Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-522'],['cpe:2.3:o:asus:asuswrt:*:*:*:*:*:*:*:*'],0,0
CVE-2017-5891,Asus,0.00071,8.8,0.0,1.0,0.0,1.0,1,2017-05-10,1.0,2017-03-31,,,1.0,ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.380.7266:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8877,Asus,0.00065,6.5,0.0,1.0,0.0,1.0,1,2017-05-10,1.0,2017-03-31,,,1.0,ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.380.7266:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14980,Asus,0.00042,7.1,0.0,1.0,0.0,1.0,1,2019-04-25,0.0,,0.0,,,"The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by ASUS or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage (i.e., sdcard). The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,1.8,5.2,['CWE-732'],"['cpe:2.3:o:asus:zenfone_3_max_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:zenfone_3_max:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15887,Asus,0.07361,8.8,0.0,1.0,0.0,1.0,1,2018-08-27,0.0,,0.0,,,"Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:asus:dsl-n12e_c1_firmware:1.1.2.3_345:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:dsl-n12e_c1:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18320,Asus,0.0077,9.8,0.0,1.0,0.0,1.0,1,2018-10-15,0.0,,0.0,,,"An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac68uf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac68uf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac87_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac87:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac86u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac86u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asuswrt-merlin_project:rt-ac2900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asuswrt-merlin_project:rt-ac2900:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6000,Asus,0.08998,9.8,1.0,0.0,0.0,1.0,1,2018-01-22,1.0,2018-01-26,,,0.0,"An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-862'],['cpe:2.3:o:asus:asuswrt:*:*:*:*:*:*:*:*'],2,1
CVE-2018-8878,Asus,0.00162,5.3,0.0,0.0,0.0,1.0,1,2020-02-27,0.0,,0.0,,,Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:o:asuswrt-merlin:asuswrt-merlin:*:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asus_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-8879,Asus,0.02197,9.8,0.0,1.0,0.0,1.0,1,2019-11-21,0.0,,0.0,,,"Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac66u_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-15392,Asus,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Asus ZenFone 4 Selfie Android device with a build fingerprint of Android/sdm660_64/sdm660_64:8.1.0/OPM1/14.2016.1802.247-20180419:user/release-keys contains a pre-installed app with a package name of com.log.logservice app (versionCode=1, versionName=1) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:asus:zenfone_4_selfie_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:zenfone_4_selfie:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15404,Asus,0.00044,7.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Asus ZenFone Max 4 Android device with a build fingerprint of asus/WW_Phone/ASUS_X00HD_4:7.1.1/NMF26F/14.2016.1712.367-20171225:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000020, versionName=7.0.0.4_170901) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:asus:zenfone_4_max_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:zenfone_4_max:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15499,Asus,0.00078,6.1,0.0,1.0,0.0,1.0,1,2020-08-26,1.0,2020-10-07,,,0.0,An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via spoofed Release Notes on the Firmware Upgrade page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:asus:rt-ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3128,Asus,0.01238,7.5,0.0,1.0,0.0,1.0,1,2021-04-12,0.0,,0.0,,,"In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-834'],"['cpe:2.3:h:asus:zenwifi_ax_\\(xt8\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:zenwifi_ax_\\(xt8\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:zenwifi_ax_\\(xt8\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:zenwifi_ax_\\(xt8\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1750_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1750_b1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1750_b1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac1900u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac1900u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac2900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac2900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac3100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac3100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac5300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac58u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac65u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac65u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac65u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac65u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68rw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68rw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68rw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68rw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac68w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac68w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac85u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac85u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac85u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac85u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac86u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac86u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ac88u_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ac88u:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41289,Asus,0.00042,6.3,0.0,1.0,0.0,1.0,1,2021-11-15,1.0,2021-11-15,,,1.0,"ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity verification and further resulting in a failure to boot.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,1.0,5.2,['CWE-119'],"['cpe:2.3:h:asus:p453uj:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:p453uj_bios:311:*:*:*:*:*:*:*']",0,0
CVE-2021-46247,Asus,0.003,7.5,0.0,1.0,0.0,1.0,1,2022-02-17,0.0,,0.0,,,The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:h:asus:cmax6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:cmax6000_firmware:1.02.00:*:*:*:*:*:*:*']",0,0
CVE-2022-22054,Asus,0.00069,6.5,0.0,1.0,0.0,1.0,1,2022-01-14,1.0,2022-01-14,,,1.0,"ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.44266:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23970,Asus,0.00051,8.1,0.0,1.0,0.0,1.0,1,2022-04-07,1.0,2022-03-02,,,1.0,"ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in service disruption.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-22'],"['cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.45898:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26672,Asus,0.00435,9.8,0.0,0.0,1.0,0.0,1,2022-04-22,1.0,2022-04-22,,,1.0,"ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote attacker can use this token to establish connections with the server and carry out login attempts to general user accounts. A successful login to a general user account allows the attacker to access, modify or delete this user account information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],['cpe:2.3:a:asus:webstorage:*:*:*:*:*:android:*:*'],0,0
CVE-2022-26673,Asus,0.00066,5.4,0.0,1.0,0.0,1.0,1,2022-04-22,1.0,2022-04-22,,,1.0,ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform Stored Cross-Site Scripting (XSS) attacks.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-32988,Asus,0.00077,5.4,0.0,1.0,0.0,1.0,1,2022-07-01,0.0,,0.0,,,"Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the ""*list"" parameters (e.g. filter_lwlist, keyword_rulelist, etc) in every "".asp"" page containing a list of stored strings. The following asp files are affected: (1) cgi-bin/APP_Installation.asp, (2) cgi-bin/Advanced_ACL_Content.asp, (3) cgi-bin/Advanced_ADSL_Content.asp, (4) cgi-bin/Advanced_ASUSDDNS_Content.asp, (5) cgi-bin/Advanced_AiDisk_ftp.asp, (6) cgi-bin/Advanced_AiDisk_samba.asp, (7) cgi-bin/Advanced_DSL_Content.asp, (8) cgi-bin/Advanced_Firewall_Content.asp, (9) cgi-bin/Advanced_FirmwareUpgrade_Content.asp, (10) cgi-bin/Advanced_GWStaticRoute_Content.asp, (11) cgi-bin/Advanced_IPTV_Content.asp, (12) cgi-bin/Advanced_IPv6_Content.asp, (13) cgi-bin/Advanced_KeywordFilter_Content.asp, (14) cgi-bin/Advanced_LAN_Content.asp, (15) cgi-bin/Advanced_Modem_Content.asp, (16) cgi-bin/Advanced_PortTrigger_Content.asp, (17) cgi-bin/Advanced_QOSUserPrio_Content.asp, (18) cgi-bin/Advanced_QOSUserRules_Content.asp, (19) cgi-bin/Advanced_SettingBackup_Content.asp, (20) cgi-bin/Advanced_System_Content.asp, (21) cgi-bin/Advanced_URLFilter_Content.asp, (22) cgi-bin/Advanced_VPN_PPTP.asp, (23) cgi-bin/Advanced_VirtualServer_Content.asp, (24) cgi-bin/Advanced_WANPort_Content.asp, (25) cgi-bin/Advanced_WAdvanced_Content.asp, (26) cgi-bin/Advanced_WMode_Content.asp, (27) cgi-bin/Advanced_WWPS_Content.asp, (28) cgi-bin/Advanced_Wireless_Content.asp, (29) cgi-bin/Bandwidth_Limiter.asp, (30) cgi-bin/Guest_network.asp, (31) cgi-bin/Main_AccessLog_Content.asp, (32) cgi-bin/Main_AdslStatus_Content.asp, (33) cgi-bin/Main_Spectrum_Content.asp, (34) cgi-bin/Main_WebHistory_Content.asp, (35) cgi-bin/ParentalControl.asp, (36) cgi-bin/QIS_wizard.asp, (37) cgi-bin/QoS_EZQoS.asp, (38) cgi-bin/aidisk.asp, (39) cgi-bin/aidisk/Aidisk-1.asp, (40) cgi-bin/aidisk/Aidisk-2.asp, (41) cgi-bin/aidisk/Aidisk-3.asp, (42) cgi-bin/aidisk/Aidisk-4.asp, (43) cgi-bin/blocking.asp, (44) cgi-bin/cloud_main.asp, (45) cgi-bin/cloud_router_sync.asp, (46) cgi-bin/cloud_settings.asp, (47) cgi-bin/cloud_sync.asp, (48) cgi-bin/device-map/DSL_dashboard.asp, (49) cgi-bin/device-map/clients.asp, (50) cgi-bin/device-map/disk.asp, (51) cgi-bin/device-map/internet.asp, (52) cgi-bin/error_page.asp, (53) cgi-bin/index.asp, (54) cgi-bin/index2.asp, (55) cgi-bin/qis/QIS_PTM_manual_setting.asp, (56) cgi-bin/qis/QIS_admin_pass.asp, (57) cgi-bin/qis/QIS_annex_setting.asp, (58) cgi-bin/qis/QIS_bridge_cfg_tmp.asp, (59) cgi-bin/qis/QIS_detect.asp, (60) cgi-bin/qis/QIS_finish.asp, (61) cgi-bin/qis/QIS_ipoa_cfg_tmp.asp, (62) cgi-bin/qis/QIS_manual_setting.asp, (63) cgi-bin/qis/QIS_mer_cfg.asp, (64) cgi-bin/qis/QIS_mer_cfg_tmp.asp, (65) cgi-bin/qis/QIS_ppp_cfg.asp, (66) cgi-bin/qis/QIS_ppp_cfg_tmp.asp, (67) cgi-bin/qis/QIS_wireless.asp, (68) cgi-bin/query_wan_status.asp, (69) cgi-bin/query_wan_status2.asp, and (70) cgi-bin/start_apply.asp.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:asus:dsl-n14u-b1_firmware:1.1.2.3_805:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:dsl-n14u-b1:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10709,Asus,0.1771,9.8,1.0,0.0,1.0,0.0,0,2019-09-04,1.0,2019-08-29,,,1.0,"AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-264'],['cpe:2.3:a:asus:precision_touchpad:11.0.0.25:*:*:*:*:*:*:*'],1,0
CVE-2019-15405,Asus,0.00044,7.8,0.0,1.0,0.0,1.0,0,2019-11-14,0.0,,0.0,,,"The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_161222) that allows other pre-installed apps to perform command execution via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-610'],"['cpe:2.3:o:asus:pegasus_4a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pegasus_4a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pegasus_4_max_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pegasus_4_max:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17603,Asus,0.00042,7.8,0.0,0.0,1.0,0.0,0,2020-06-02,1.0,2020-01-10,,,1.0,"Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],['cpe:2.3:a:asus:aura_sync:*:*:*:*:*:*:*:*'],0,0
CVE-2019-19235,Asus,0.00054,7.0,0.0,0.0,1.0,0.0,0,2019-12-18,1.0,2021-12-30,,,0.0,"AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-427'],"['cpe:2.3:a:asus:atk_package:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15009,Asus,0.00296,7.8,0.0,0.0,1.0,0.0,0,2020-07-20,1.0,2020-10-07,,,0.0,"AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe in ScreenPad2_Upgrade_Tool.msi V1.0.3 for ASUS PCs with ScreenPad 1.0 (UX450FDX, UX550GDX and UX550GEX) could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:asus:screenpad2_upgrade_tool:1.0.3:*:*:*:*:*:*:*'],0,0
CVE-2020-23648,Asus,0.0008,7.5,0.0,1.0,0.0,1.0,0,2022-10-19,0.0,,0.0,,,"Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / start_apply.htm, an attacker can change the administrator password without any authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:h:asus:rt-n12e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rt-n12e_firmware:2.0.0.39:*:*:*:*:*:*:*']",0,0
CVE-2021-27403,Asus,0.00087,6.1,0.0,1.0,0.0,1.0,0,2021-02-19,0.0,,0.0,,,Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:asus:askey_rtf8115vw_firmware:br_sv_g11.11_rtf_tef001_v6.54_v014:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:askey_rtf8115vw:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27404,Asus,0.00105,6.1,0.0,1.0,0.0,1.0,0,2021-02-19,0.0,,0.0,,,Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],"['cpe:2.3:o:asus:askey_rtf8115vw_firmware:br_sv_g11.11_rtf_tef001_v6.54_v014:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:askey_rtf8115vw:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28181,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28183,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28184,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28186,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28188,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28192,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs12_firmware:1.11.5:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs100-e10-pi2_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs100-e10-pi2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-ps4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-rs4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-ps4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-rs4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9_rs4_u_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9_rs4_u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:e700_g4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:e700_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c422_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c422_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_x299_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_x299_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12\\/10g-2s_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12\\/10g-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:knpa-u16_firmware:1.13.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:knpa-u16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_dhd_g4_firmware:1.13.7:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_dhd_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs24-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs24-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8c_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs24-u_firmware:1.14.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs24-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs8-g_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs8-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-ps4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pro_e800_g4_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pro_e800_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4-u_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs12-e_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs8_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4\\/10g_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4\\/10g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs12-e_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c621e_sage_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c621e_sage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-ps4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-rs4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs12v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs12v2_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pr-d16_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pr-d16:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28200,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs12_firmware:1.11.5:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs100-e10-pi2_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs100-e10-pi2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-ps4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-rs4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-ps4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-rs4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9_rs4_u_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9_rs4_u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:e700_g4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:e700_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c422_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c422_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_x299_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_x299_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12\\/10g-2s_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12\\/10g-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:knpa-u16_firmware:1.13.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:knpa-u16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_dhd_g4_firmware:1.13.7:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_dhd_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs24-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs24-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8c_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs24-u_firmware:1.14.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs24-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs8-g_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs8-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-ps4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pro_e800_g4_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pro_e800_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4-u_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs12-e_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs8_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4\\/10g_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4\\/10g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs12-e_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c621e_sage_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c621e_sage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-ps4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-rs4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs12v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs12v2_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pr-d16_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pr-d16:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28202,Asus,0.00348,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-120'],"['cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs12_firmware:1.11.5:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs100-e10-pi2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs100-e10-pi2_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-ps4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-rs4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-ps4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-rs4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9_rs4_u_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9_rs4_u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:e700_g4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:e700_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c422_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c422_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_x299_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_x299_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12\\/10g-2s_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12\\/10g-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:knpa-u16_firmware:1.13.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:knpa-u16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_dhd_g4_firmware:1.13.7:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_dhd_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs24-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs24-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8c_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs24-u_firmware:1.14.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs24-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs8-g_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs8-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-ps4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pro_e800_g4_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pro_e800_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4-u_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs12-e_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs8_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4\\/10g_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4\\/10g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs12-e_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c621e_sage_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c621e_sage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-ps4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-rs4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs12v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs12v2_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pr-d16_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pr-d16:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28205,Asus,0.00207,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-22'],"['cpe:2.3:o:asus:z10pr-d16_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pr-d16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:asmb8-ikvm_firmware:1.14.51:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb8-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z10pe-d16_ws_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z10pe-d16_ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28208,Asus,0.00207,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-22'],"['cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs12_firmware:1.11.5:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs100-e10-pi2_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs100-e10-pi2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-ps4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-rs4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-ps4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-rs4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9_rs4_u_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9_rs4_u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:e700_g4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:e700_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c422_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c422_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_x299_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_x299_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12\\/10g-2s_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12\\/10g-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:knpa-u16_firmware:1.13.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:knpa-u16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_dhd_g4_firmware:1.13.7:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_dhd_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs24-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs24-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8c_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs24-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs24-u_firmware:1.14.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs8-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs8-g_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-ps4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pro_e800_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pro_e800_g4_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4-u_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs12-e_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs8_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4\\/10g_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4\\/10g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs12-e_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c621e_sage_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c621e_sage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-ps4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-rs4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs12v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs12v2_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pr-d16_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pr-d16:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28209,Asus,0.00207,4.9,0.0,1.0,0.0,1.0,0,2021-04-06,1.0,2021-03-29,,,1.0,"The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-22'],"['cpe:2.3:o:asus:asmb9-ikvm_firmware:1.11.12:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:asmb9-ikvm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24-e_firmware:1.10.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4_firmware:1.10.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs4_firmware:1.09:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4x_firmware:1.11.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700-e9-rs12_firmware:1.11.5:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700-e9-rs12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs100-e10-pi2_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs100-e10-pi2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-ps4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs300-e10-rs4_firmware:1.13.6:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs300-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-ps4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9-rs4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e9_rs4_u_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e9_rs4_u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:e700_g4_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:e700_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c422_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c422_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_x299_pro\\/se_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_x299_pro\\/se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-u12\\/10g-2s_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-u12\\/10g-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:knpa-u16_firmware:1.13.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:knpa-u16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_dhd_g4_firmware:1.13.7:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_dhd_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc4000_g4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc4000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs24-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs24-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720q-e9-rs8-s_firmware:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720q-e9-rs8-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pa-d8c_firmware:1.14.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pa-d8c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs24-u_firmware:1.14.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs24-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs8-g_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs8-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-ps4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:pro_e800_g4_firmware:1.14.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:pro_e800_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500-e9-rs4-u_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500-e9-rs4-u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs12-e_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs520-e9-rs8_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs520-e9-rs8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:esc8000_g4\\/10g_firmware:1.15.4:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:esc8000_g4\\/10g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720-e9-rs12-e_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720-e9-rs12-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:ws_c621e_sage_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ws_c621e_sage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-ps4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-ps4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs500a-e10-rs4_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs500a-e10-rs4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs12v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs700a-e9-rs4v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs700a-e9-rs4v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs12v2_firmware:1.15.2:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs12v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:rs720a-e9-rs24v2_firmware:1.15.1:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rs720a-e9-rs24v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:asus:z11pr-d16_firmware:1.15.3:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:z11pr-d16:-:*:*:*:*:*:*:*']",0,0
CVE-2021-40981,Asus,0.00042,7.3,0.0,0.0,1.0,0.0,0,2021-09-27,1.0,2021-09-24,,,1.0,ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-427'],['cpe:2.3:a:asus:armoury_crate_lite_service:*:*:*:*:*:*:*:*'],0,0
CVE-2021-42055,Asus,0.0007,6.8,0.0,1.0,0.0,1.0,0,2021-10-18,1.0,2021-10-15,,,1.0,ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-276'],"['cpe:2.3:o:asus:ux582lr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:ux582lr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22814,Asus,0.00201,9.8,0.0,0.0,1.0,0.0,0,2022-03-10,0.0,,0.0,,,The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:asus:myasus:*:*:*:*:*:*:*:*'],0,0
CVE-2022-35899,Asus,0.00045,7.8,1.0,0.0,1.0,0.0,0,2022-07-21,1.0,2022-07-19,,,1.0,There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-428'],"['cpe:2.3:a:asus:aura_ready_game_software_development_kit:1.0.0.4:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",1,0
CVE-2022-36439,Asus,0.00042,6.0,0.0,0.0,1.0,0.0,0,2022-10-18,0.0,,0.0,,,"AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running Windows) allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.exe before 1.0.53.0, and AsusLiveUpdate.dll before 1.0.45.0.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,0.8,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:a:asus:asusliveupdate:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asus:asussoftwaremanger:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:*']",0,0
CVE-2022-38699,Asus,0.00044,5.9,0.0,0.0,1.0,0.0,0,2022-09-28,1.0,2022-09-15,,,1.0,"Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,PHYSICAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,0.7,5.2,['CWE-59'],['cpe:2.3:a:asus:armoury_crate_service:*:*:*:*:*:*:*:*'],0,0
CVE-2017-11649,DrayTek,0.00202,8.8,0.0,1.0,0.0,1.0,1,2018-03-07,0.0,,0.0,,,Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:draytek:vigorap_910c_firmware:1.2.0:rc3:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_910c:-:*:*:*:*:*:*:*']",0,0
CVE-2017-11650,DrayTek,0.00501,6.1,0.0,1.0,0.0,1.0,1,2018-03-07,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to inject arbitrary web script or HTML via vectors involving home.asp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:draytek:vigorap_910c_firmware:1.2.0:rc3:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_910c:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16533,DrayTek,0.00084,6.1,0.0,1.0,0.0,0.0,1,2019-09-20,1.0,2018-05-18,,,1.0,"On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:draytek:vigor2925_firmware:3.8.4.3:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor_2925:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor_2925n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925ac:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925fn:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925n-plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925vac:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925vn-plus:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16534,DrayTek,0.00084,6.1,0.0,1.0,0.0,0.0,1,2019-09-20,1.0,2018-05-18,,,1.0,"On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:draytek:vigor2925_firmware:3.8.4.3:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor_2925:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor_2925n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925ac:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925fn:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925n-plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925vac:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2925vn-plus:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10823,DrayTek,0.03592,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-10824,DrayTek,0.03592,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10825,DrayTek,0.03592,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10826,DrayTek,0.00368,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10827,DrayTek,0.03592,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10828,DrayTek,0.03592,9.8,0.0,1.0,0.0,1.0,1,2020-03-26,1.0,2020-02-06,,,1.0,"A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14472,DrayTek,0.01128,9.8,0.0,1.0,0.0,1.0,1,2020-06-24,1.0,2020-06-17,,,1.0,"On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14473,DrayTek,0.00426,9.8,0.0,1.0,0.0,1.0,1,2020-06-24,1.0,2020-06-17,,,1.0,"Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14993,DrayTek,0.10501,9.8,0.0,1.0,0.0,1.0,1,2020-06-23,1.0,2020-06-17,,,1.0,"A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15415,DrayTek,0.93019,9.8,0.0,1.0,0.0,1.0,1,2020-06-30,1.0,2020-06-17,,,1.0,"On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*']",0,0
CVE-2020-19664,DrayTek,0.05147,8.8,0.0,1.0,0.0,1.0,1,2020-12-31,1.0,2020-06-17,,,1.0,DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28968,DrayTek,0.00058,5.4,0.0,1.0,0.0,1.0,1,2021-10-22,0.0,,0.0,,,Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:draytek:vigorap_1000c_firmware:1.3.2:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_1000c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_700_firmware:1.11:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_710_firmware:1.2.5:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_800_firmware:1.1.4:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_802_firmware:1.3.2:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_802:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_810_firmware:1.2.5:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_900_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_902_firmware:1.2.5:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_902:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_903_firmware:1.3.1:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_903:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_910c_firmware:1.2.5:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_910c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_912c_firmware:1.3.2:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_912c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_918r_firmware:1.3.2:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_918r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorap_920r_firmware:1.3.0:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_920r:-:*:*:*:*:*:*:*']",0,0
CVE-2020-3932,DrayTek,0.00168,7.5,0.0,1.0,0.0,1.0,1,2020-04-15,1.0,2020-04-15,,,1.0,"A vulnerable SNMP in Draytek VigorAP910C cannot be disabled, which may cause information leakage.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:draytek:vigorap_910c_firmware:1.3.1:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorap_910c:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8515,DrayTek,0.97276,9.8,1.0,1.0,0.0,1.0,1,2020-02-01,1.0,2020-02-06,,,0.0,"DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:draytek:vigor2960_firmware:1.3.1:beta:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:1.3.3:beta:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:1.4.2.1:beta:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:1.4.4:beta:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:1.4.4:beta:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*']",1,0
CVE-2021-42911,DrayTek,0.00755,9.8,0.0,1.0,0.0,1.0,1,2022-03-29,0.0,,0.0,,,"A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in the mainfunction.cgi file via a crafted HTTP message containing malformed QUERY STRING, which could let a remote malicious user execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-134'],"['cpe:2.3:o:draytek:vigor2960_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43118,DrayTek,0.00345,9.8,0.0,1.0,0.0,1.0,1,2022-03-29,0.0,,0.0,,,"A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:draytek:vigor2960_firmware:1.5.1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2960:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3900_firmware:1.5.1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor300b_firmware:1.5.1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor300b:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20123,DrayTek,0.49447,7.5,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20124,DrayTek,0.49184,7.5,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20125,DrayTek,0.00651,9.8,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with root privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20126,DrayTek,0.00105,8.8,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,"Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20127,DrayTek,0.00079,8.1,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user to arbitrarily delete files in any location on the target operating system with root privileges.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['NVD-CWE-noinfo'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20128,DrayTek,0.00058,5.4,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,"The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2021-20129,DrayTek,0.00406,7.5,0.0,0.0,1.0,0.0,0,2021-10-13,1.0,2021-10-07,,,1.0,"An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-532'],['cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:*'],0,0
CVE-2022-32548,DrayTek,0.00182,9.8,0.0,1.0,0.0,1.0,0,2022-08-29,1.0,2022-08-04,,,1.0,An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:draytek:vigor3910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor1000b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor1000b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2962_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2962:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2962p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2962p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927ax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2927lac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2927lac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2915ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2915ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2952_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2952:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2952p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2952p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor3220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor3220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926ln_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926ln:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2926lac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2926lac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862bn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862bn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862ln_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862ln:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2862lac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2862lac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2620l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2620l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2620ln_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2620ln:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigorlte_200n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigorlte_200n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2133_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2133:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2133n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2133n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2133ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2133ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2133vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2133vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2133fvac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2133fvac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2762_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2762:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2762n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2762n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2762ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2762ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2762vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2762vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor165_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor165:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor166_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor166:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2135_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2135:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2135ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2135ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2135vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2135vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2135fvac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2135fvac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2765ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2765ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2765vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2765vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2766_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2766:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2766ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2766ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2766vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2766vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2832_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2832:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865ax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2865lac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2865lac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866ax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866ac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866ac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866vac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866vac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:draytek:vigor2866lac_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:draytek:vigor2866lac:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12077,Synology,0.00062,4.9,0.0,0.0,1.0,0.0,1,2017-08-28,1.0,2017-08-28,,,1.0,"Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-400'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2017-12078,Synology,0.00063,7.2,0.0,0.0,1.0,0.0,1,2018-06-08,1.0,2018-06-28,,,0.0,Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2017-14491,Synology,0.30287,9.8,1.0,0.0,1.0,0.0,1,2017-10-04,1.0,2018-01-12,,,0.0,Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*', 'cpe:2.3:a:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*', 'cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*', 'cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_v9_play_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_v9_play:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*']",1,1
CVE-2017-15895,Synology,0.00062,6.5,0.0,0.0,1.0,0.0,1,2017-12-08,1.0,2017-12-08,,,1.0,Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-22'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2018-13287,Synology,0.00059,6.5,0.0,0.0,1.0,0.0,1,2019-04-01,1.0,2019-04-01,,,1.0,Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-276'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2018-13289,Synology,0.00133,5.3,0.0,0.0,1.0,0.0,1,2019-04-01,1.0,2019-04-01,,,1.0,Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2018-13292,Synology,0.00054,4.3,0.0,0.0,1.0,0.0,1,2019-04-01,1.0,2019-04-01,,,1.0,Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['CWE-200'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2018-7184,Synology,0.02857,7.5,0.0,0.0,1.0,1.0,1,2018-03-06,1.0,2018-04-10,,,0.0,"ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the ""received"" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:virtual_diskstation_manager:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8918,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,1,2018-12-24,1.0,2018-05-24,,,1.0,Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2019-11823,Synology,0.00146,7.5,0.0,0.0,1.0,0.0,1,2020-05-04,1.0,2020-06-18,,,0.0,CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2019-14907,Synology,0.00598,6.5,0.0,0.0,1.0,0.0,1,2020-01-21,1.0,2021-05-24,,,0.0,"All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with ""log level = 3"" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-125'],"['cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:directory_server:-:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2019-19344,Synology,0.00379,6.5,0.0,0.0,1.0,0.0,1,2020-01-21,1.0,2021-05-24,,,0.0,"There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-416'],"['cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:directory_server:-:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*']",0,0
CVE-2019-3870,Synology,0.0019,6.1,0.0,1.0,1.0,1.0,1,2019-04-09,1.0,2020-10-28,,,0.0,"A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,HIGH,MEDIUM,1.8,4.2,['CWE-276'],"['cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:directory_server:-:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9494,Synology,0.00843,5.9,0.0,0.0,1.0,0.0,1,2019-04-17,1.0,2020-06-18,,,0.0,The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,"['CWE-203', 'CWE-208']","['cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*', 'cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*', 'cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:rc3:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*']",0,0
CVE-2019-9502,Synology,0.0018,8.8,0.0,0.0,1.0,0.0,1,2020-02-03,1.0,2019-04-23,,,1.0,"The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-787', 'CWE-122']","['cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:broadcom:bcm4339_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:bcm4339:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9513,Synology,0.04253,7.5,0.0,1.0,1.0,1.0,1,2019-08-13,1.0,2020-10-15,,,0.0,"Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9514,Synology,0.7923,7.5,0.0,1.0,1.0,1.0,1,2019-08-13,1.0,2020-10-15,,,0.0,"Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9515,Synology,0.03886,7.5,0.0,1.0,1.0,1.0,1,2019-08-13,1.0,2020-10-15,,,0.0,"Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9516,Synology,0.00702,6.5,0.0,1.0,1.0,1.0,1,2019-08-13,1.0,2020-10-15,,,0.0,"Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9518,Synology,0.01188,7.5,0.0,1.0,1.0,1.0,1,2019-08-13,1.0,2020-10-15,,,0.0,"Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2020-27649,Synology,0.00089,9.0,0.0,0.0,1.0,0.0,1,2020-10-29,1.0,2020-10-29,,,1.0,Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.2,6.0,['CWE-295'],['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2020-27651,Synology,0.00165,8.1,0.0,0.0,1.0,0.0,1,2020-10-29,1.0,2020-10-29,,,1.0,"Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,"['CWE-311', 'CWE-614']",['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2020-27653,Synology,0.00116,8.3,0.0,0.0,1.0,0.0,1,2020-10-29,1.0,2020-10-29,,,1.0,Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,HIGH,1.6,6.0,['CWE-327'],"['cpe:2.3:a:synology:diskstation_manager:6.2.3_25426:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2020-27658,Synology,0.00258,6.1,0.0,0.0,1.0,0.0,1,2020-10-29,1.0,2020-10-29,,,1.0,"Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,"['CWE-732', 'CWE-1004']",['cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2020-8622,Synology,0.00408,6.5,0.0,0.0,1.0,0.0,1,2020-08-21,1.0,2021-02-23,,,0.0,"In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-617'],"['cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*']",0,0
CVE-2017-11150,Synology,0.00088,7.8,0.0,0.0,1.0,0.0,0,2017-08-14,1.0,2017-08-11,,,1.0,Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:a:synology:office:2.2.0-1502:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:office:2.2.1-1506:*:*:*:*:*:*:*']",0,0
CVE-2017-11155,Synology,0.45775,7.5,1.0,0.0,1.0,0.0,0,2017-08-08,1.0,2017-08-08,,,1.0,An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-200', 'CWE-205']","['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:6.3-2967:*:*:*:*:*:*:*']",1,1
CVE-2017-11157,Synology,0.00062,7.8,0.0,0.0,1.0,0.0,0,2017-08-30,1.0,2018-08-30,,,0.0,"Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],"['cpe:2.3:a:synology:cloud_station_backup:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2017-11158,Synology,0.00062,7.8,0.0,0.0,1.0,0.0,0,2017-08-31,1.0,2017-08-30,,,1.0,"Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-426', 'CWE-427']","['cpe:2.3:a:synology:cloud_station_drive:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12072,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,0,2017-12-20,1.0,2017-12-20,,,1.0,Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*'],0,0
CVE-2017-12076,Synology,0.00062,4.9,0.0,0.0,1.0,0.0,0,2017-08-28,1.0,2017-08-28,,,1.0,"Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-400'],"['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.1.1:*:*:*:*:*:*:*']",0,0
CVE-2017-12080,Synology,0.00151,5.3,0.0,0.0,1.0,0.0,0,2017-12-04,1.0,2017-12-04,,,1.0,An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information via .htaccess file.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-15888,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,0,2017-10-30,1.0,2017-10-30,,,1.0,Cross-site scripting (XSS) vulnerability in Custom Internet Radio List in Synology Audio Station before 6.3.0-3260 allows remote authenticated attackers to inject arbitrary web script or HTML via the NAME parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:audio_station:*:*:*:*:*:*:*:*'],0,0
CVE-2017-15894,Synology,0.00062,6.5,0.0,0.0,1.0,0.0,0,2017-12-08,1.0,2017-12-08,,,1.0,Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2017-16766,Synology,0.0009,6.5,0.0,0.0,1.0,0.0,0,2017-12-22,1.0,2017-12-22,,,1.0,An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,3.9,2.5,"['CWE-74', 'CWE-284']","['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2017-16768,Synology,0.00054,4.8,0.0,0.0,1.0,0.0,0,2017-12-27,1.0,2017-12-27,,,1.0,Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],['cpe:2.3:a:synology:mailplus_server:*:*:*:*:*:*:*:*'],0,0
CVE-2017-16771,Synology,0.00126,6.1,0.0,0.0,1.0,0.0,0,2018-03-22,1.0,2018-03-22,,,1.0,Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-16772,Synology,0.00065,8.8,0.0,0.0,1.0,0.0,0,2018-03-22,1.0,2018-03-22,,,1.0,Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-20', 'CWE-434']","['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-16773,Synology,0.00063,8.8,0.0,0.0,1.0,0.0,0,2018-07-05,1.0,2018-07-05,,,1.0,Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-863', 'CWE-285']",['cpe:2.3:a:synology:universal_search:*:*:*:*:*:*:*:*'],0,0
CVE-2017-16774,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,0,2019-04-01,1.0,2019-03-31,,,1.0,Cross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2018-8911,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,0,2018-05-09,1.0,2018-05-08,,,1.0,Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:note_station:*:*:*:*:*:*:*:*'],0,0
CVE-2018-8922,Synology,0.00055,6.5,0.0,0.0,1.0,0.0,0,2018-06-01,1.0,2018-06-01,,,1.0,Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,"['NVD-CWE-noinfo', 'CWE-284']",['cpe:2.3:a:synology:drive:1.0.2-10275:*:*:*:*:*:*:*'],0,0
CVE-2018-8925,Synology,0.00064,8.8,0.0,0.0,1.0,0.0,0,2018-06-08,1.0,2018-06-08,,,1.0,"Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6) modify_admin parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11820,Synology,0.00042,5.5,0.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-09,,,1.0,Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-522'],['cpe:2.3:a:synology:calendar:*:*:*:*:*:*:*:*'],0,0
CVE-2019-11821,Synology,0.00074,9.8,0.0,0.0,1.0,0.0,0,2019-06-30,1.0,2019-06-30,,,1.0,SQL injection vulnerability in synophoto_csPhotoDB.php in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to execute arbitrary SQL command via the type parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11826,Synology,0.00068,8.8,0.0,0.0,1.0,0.0,0,2019-06-30,1.0,2019-06-30,,,1.0,Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-22', 'CWE-23']",['cpe:2.3:a:synology:moments:*:*:*:*:*:*:*:*'],0,0
CVE-2019-11828,Synology,0.00054,5.4,0.0,0.0,1.0,0.0,0,2019-06-30,1.0,2019-06-30,,,1.0,Cross-site scripting (XSS) vulnerability in Chart in Synology Office before 3.1.4-2771 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:synology:office:*:*:*:*:*:*:*:*'],0,0
CVE-2020-1472,Synology,0.52411,10.0,1.0,0.0,1.0,0.0,0,2020-08-17,1.0,2020-09-17,,,0.0,"An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see  How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-330'],"['cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2004:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_server_20h2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:synology:directory_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*']",2,0
CVE-2020-27660,Synology,0.00335,9.8,0.0,0.0,1.0,0.0,0,2020-11-30,1.0,2020-12-28,,,0.0,SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],['cpe:2.3:a:synology:safeaccess:*:*:*:*:*:*:*:*'],0,0
CVE-2020-8621,Synology,0.01108,7.5,0.0,0.0,1.0,0.0,0,2020-08-21,1.0,2021-02-23,,,0.0,"In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-617'],"['cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43925,Synology,0.00077,9.8,0.0,0.0,1.0,0.0,0,2022-02-07,1.0,2022-11-09,,,0.0,Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2022-22680,Synology,0.0012,7.5,0.0,0.0,1.0,0.0,0,2022-02-07,1.0,2022-11-09,,,0.0,Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['NVD-CWE-noinfo', 'CWE-200']","['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2022-22683,Synology,0.00137,9.8,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:a:synology:media_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:media_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*']",0,0
CVE-2022-27610,Synology,0.00062,8.1,0.0,0.0,1.0,0.0,0,2022-07-27,1.0,2022-07-27,,,1.0,Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25423 allows remote authenticated users to delete arbitrary files via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-22'],['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2022-27612,Synology,0.00077,9.8,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],['cpe:2.3:a:synology:audio_station:*:*:*:*:*:*:*:*'],0,0
CVE-2022-27614,Synology,0.0012,7.5,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:a:synology:media_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:media_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*']",0,0
CVE-2022-27615,Synology,0.00062,8.1,0.0,0.0,1.0,0.0,0,2022-07-28,1.0,2022-07-28,,,1.0,Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-22'],['cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*'],0,0
CVE-2022-27616,Synology,0.0007,7.2,0.0,0.0,1.0,0.0,0,2022-08-03,1.0,2022-08-03,,,1.0,Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*']",0,0
CVE-2022-27620,Synology,0.00068,4.9,0.0,0.0,1.0,0.0,0,2022-08-03,1.0,2022-08-03,,,1.0,Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-22'],"['cpe:2.3:a:synology:sso_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:7.1:*:*:*:*:*:*:*']",0,0
CVE-2022-27625,Synology,0.00109,9.8,0.0,1.0,1.0,0.0,0,2022-10-20,1.0,2022-10-20,,,1.0,"A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology DiskStation Manager (DSM) versions before 7.1.1-42962-2 may be affected: DS3622xs+, FS3410, and HD6500.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:ds3622xs\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:fs3410:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:hd6500:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12413,Axis Communications,0.0013,6.1,0.0,1.0,0.0,1.0,1,2017-08-04,0.0,,0.0,,,"AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:axis:2100_network_camera_firmware:2.43:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:2100_network_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15885,Axis Communications,0.00125,6.1,0.0,1.0,0.0,1.0,1,2017-10-25,0.0,,0.0,,,Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:axis:2100_network_camera_firmware:2.03:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:2100_network_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10658,Axis Communications,0.00408,7.5,0.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10659,Axis Communications,0.00641,7.5,0.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10660,Axis Communications,0.09171,9.8,1.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",1,1
CVE-2018-10661,Axis Communications,0.1054,9.8,1.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",1,1
CVE-2018-10662,Axis Communications,0.08987,9.8,1.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",1,1
CVE-2018-10663,Axis Communications,0.00366,7.5,0.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10664,Axis Communications,0.013,7.5,0.0,1.0,0.0,1.0,1,2018-06-26,1.0,2018-06-30,,,0.0,An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a1001:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a8105-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9161:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:a9188-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c1004-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c2005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c3003-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:c8033:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_bullet_le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_c360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_cube_lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_dome_wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_eye_lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_4ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:companion_recorder_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d2050-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f34_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f41_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_dual_audio_input:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:f44_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:fa54_main_unit:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1004-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1034-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1045-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1065-lw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1103:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1113-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1125-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1143-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1144-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1145-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2014-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2025-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m2026-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3004-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3006-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007-pv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3015:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3026-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3027-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3037-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3044-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045-wv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3046-v_1.8mm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3047-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3048-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3104-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3105-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-l_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-l_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3106-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3106-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3113-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3113-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3114-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3114-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3203-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3203-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3204-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3204-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5013-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5013-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5014-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5014-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m5525-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m5525-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7011_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7011:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1125-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1125-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1126-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1126-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1224-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1224-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1244_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1245_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1254_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1264_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1264:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1280_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1290_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1290:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1325-z_firmware:7.10.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1325-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1343-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1343-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1344-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1344-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1346-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1346-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1347-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1347-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1353-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1353-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1354-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1355-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1355-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1357-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1357-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1364-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1364-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1365-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1365-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1367-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1367-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1368-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1368-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1405-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1405-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1425-le_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1425-le_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1427-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1427-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1428-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1428-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1435-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1435-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1447-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1447-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p1448-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1448-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3114-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3114-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3115-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3115-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3125-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3125-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3214-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3214-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3215-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3215-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3224-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3224-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lv_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lv_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-lve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-lve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3227-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3227-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3228-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3228-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3301-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3301-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3304-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3304-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3314-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3314-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3315-zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3315-zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3343-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3343-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344:-:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3344-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3344-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3346-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3346-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3353:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3353_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3354:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3354_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3363-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3363-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3364-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3364-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3365-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3365-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3374-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3374-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3375-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3375-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3384-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3384-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3705-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3705-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3706-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3706-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3707-pe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3707-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3904-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3904-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3905-re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3905-re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3915-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3915-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5414-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5414-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5415-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5415-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5512-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5512-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5514-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5514-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5515-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5515-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5522-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5522-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5532-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5532-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5534-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5534-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5544_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5544:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5624-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5624-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p5635-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p5635-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p7224_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p7224_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8513_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8513:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8514_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8514:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p8524_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p8524:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1602-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1602-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1604-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1604-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1605-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1605-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1614-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1614-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1615-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1615-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1635-z_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1635-z:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1645_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1647_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1659_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1659:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1755-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1755-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1765-le_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1765-le_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1775-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1775-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1910-e_firmware:5.51.5:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1910-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1921-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1921-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1922-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1922-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1931-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1931-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1932-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1932-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1941-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1941-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q1942-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q1942-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q2901-e_pt_mount_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q2901-e_pt_mount:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3504-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3504-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-sve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-sve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-v_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-v_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3505-ve_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3505-ve_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3515-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3515-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3517-lve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3517-lve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3615-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3615-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3617-ve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3617-ve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3708-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3708-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q3709-pve_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q3709-pve:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6000-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6000-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6032-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6032-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6034-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6034-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6035-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6035-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6042-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6042-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6044-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6044-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-c_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-c_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6045-s_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6045-s_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6052-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6052-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6054-e_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6054-e_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6055-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6055-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6114-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6114-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6115-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6115-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6124-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6124-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6125-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6125-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6128-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6128-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q6155-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q6155-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7406_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7406_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7411_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7411:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7414_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7414_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q7436_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q7436_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8414-lvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8414-lvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8631-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8631-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8632-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8632-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8641-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8641-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8642-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8642-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8655-zle_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8655-zle:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8665-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8665-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8675-ze_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8675-ze:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8685-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8685-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8721-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8721-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8722-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8722-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8741-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8741-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-e_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-e_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:q8742-le_zoom_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:q8742-le_zoom:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5914_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5914:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:v5915_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:v5915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf40-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf40-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xf60-q2901_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xf60-q2901:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp40-q1942_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp40-q1942:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:xp60-q1765_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:xp60-q1765:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:d201-s_xpt_q6055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:d201-s_xpt_q6055:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9156,Axis Communications,0.00337,7.5,0.0,1.0,0.0,1.0,1,2018-04-01,0.0,,0.0,,,"An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with ""<!--#exec cmd="" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-434'],"['cpe:2.3:o:axis:p1354_firmware:5.90.1.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1354:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9157,Axis Communications,0.00284,7.5,0.0,1.0,0.0,1.0,1,2018-04-01,0.0,,0.0,,,"An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with ""<!--#exec cmd="" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality",CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-434'],"['cpe:2.3:o:axis:m1033-w_firmware:5.40.5.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9158,Axis Communications,0.00175,7.5,0.0,1.0,0.0,1.0,1,2018-04-01,0.0,,0.0,,,"An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:axis:m1033-w_firmware:5.40.5.1:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m1033-w:-:*:*:*:*:*:*:*']",0,0
CVE-2017-20049,Axis Communications,0.00285,9.8,0.0,1.0,0.0,1.0,0,2022-06-15,1.0,2022-09-06,,,0.0,"A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-269'],"['cpe:2.3:o:axis:p1204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p1204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:p3367_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:p3367:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3005_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3005:-:*:*:*:*:*:*:*', 'cpe:2.3:o:axis:m3007_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:axis:m3007:-:*:*:*:*:*:*:*']",0,0
CVE-2021-31987,Axis Communications,0.00394,7.5,0.0,0.0,0.0,1.0,0,2021-10-05,0.0,,1.0,2022-01-31,,A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.,CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*', 'cpe:2.3:o:axis:axis_os_2016:*:*:*:*:lts:*:*:*', 'cpe:2.3:o:axis:axis_os_2018:*:*:*:*:lts:*:*:*', 'cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*']",0,0
CVE-2021-31988,Axis Communications,0.00283,8.8,0.0,0.0,0.0,1.0,0,2021-10-05,0.0,,1.0,2022-01-31,,A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-74'],"['cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*', 'cpe:2.3:o:axis:axis_os_2016:*:*:*:*:lts:*:*:*', 'cpe:2.3:o:axis:axis_os_2018:*:*:*:*:lts:*:*:*', 'cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*']",0,0
CVE-2021-31989,Axis Communications,0.00092,5.3,0.0,0.0,1.0,0.0,0,2021-08-25,1.0,2021-08-04,,,1.0,A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.6,3.6,['CWE-312'],['cpe:2.3:a:axis:device_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2022-23410,Axis Communications,0.00139,7.8,0.0,0.0,1.0,0.0,0,2022-02-14,1.0,2022-03-09,,,0.0,AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],['cpe:2.3:a:axis:ip_utility:*:*:*:*:*:*:*:*'],0,0
CVE-2017-12568,Brother,0.00235,7.5,0.0,1.0,0.0,1.0,1,2017-08-06,0.0,,0.0,,,Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by sending a large amount of HTTP packets.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:brother:dcp-j132w_firmware:1.20:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j132w:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16249,Brother,0.04168,7.5,1.0,1.0,0.0,1.0,1,2017-11-10,0.0,,0.0,,,"The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:brother:dcp-j132w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j132w:-:*:*:*:*:*:*:*']",1,0
CVE-2017-2244,Brother,0.00091,8.8,0.0,1.0,0.0,1.0,1,2017-07-07,0.0,,1.0,2017-07-04,,Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN firmware ver.D and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:h:brother:mfc-j960dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j960dwn_firmware:d:*:*:*:*:*:*:*']",0,0
CVE-2017-7588,Brother,0.75923,9.8,1.0,1.0,0.0,1.0,1,2017-04-12,0.0,,0.0,,,"On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:brother:mfc_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8710dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9130cw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9330cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9340cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3720:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j4420dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j4620dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5620dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5910dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6720dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6920dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6973cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8600cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8850cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9550cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-1000w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-1500w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2500w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3140cw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3170cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3180cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8350cdw:-:*:*:*:*:*:*:*']",1,0
CVE-2018-11581,Brother,0.00088,4.8,1.0,1.0,0.0,1.0,1,2018-06-01,1.0,2019-03-21,,,0.0,Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.,CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:brother:hl-l2340d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2380dw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*']",1,0
CVE-2019-13192,Brother,0.01549,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,1.0,2019-07-31,,,1.0,Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:brother:ads-2400n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2400n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-2800w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2800w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3000n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3000n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3600w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1615nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1615nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1616nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1616nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1617nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1617nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1618w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1618w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1622we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1622we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7180dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7180dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7195dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7195dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-9030cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-9030cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j1100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j1100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j577n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j577n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j582n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j582n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j772dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j772dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j774dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j774dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j972n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j972n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j981n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j981n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j988n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j988n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2531dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2531dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2532dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2532dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2537dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2537dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2541dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2541dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2552dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2552dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3510cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3510cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3517cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3517cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3550cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3550cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3551cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3551cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5500dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5500dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5502dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5502dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5600dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5600dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5602dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5602dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5650dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5650dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5652dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5652dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l6600dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l6600dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l8410cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l8410cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2700dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2700dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2710dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2710dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2380dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2390dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2390dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2395dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2395dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3290cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3290cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-t4000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-t4000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1912wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1912wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1915w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1915w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1916nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1916nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1919nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1919nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7880dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7880dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8535dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8535dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9150cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9150cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9350cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9350cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7720dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7720dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1500n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1500n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1605dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1605dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j491dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j491dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j497dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j497dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5335dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5335dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5630cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5630cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5830dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5830dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6580cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6580cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6583cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6583cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j690dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j690dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6935dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6935dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6947dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6947dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6980cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6980cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6983cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6983cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6995cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6995cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6997cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6997cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6999cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6999cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j815dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j815dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j890dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j890dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j893n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j893n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j898n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j898n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j903n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j903n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2680w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2680w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2685dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2685dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw\\(oce\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw\\(oce\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2701dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2701dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2703dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2703dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2705dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2705dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2707dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2707dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2713dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2713dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw\\(twn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw\\(twn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2716dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2716dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2717dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2717dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2732dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2732dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2751dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2751dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2752dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2752dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2770dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2770dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2771dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2771dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3710cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3710cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3730cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3730cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3735cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3735cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3745cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3745cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3750cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3750cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5802dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5802dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5850dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5850dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6950dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6950dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6970dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6970dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8690cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8690cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8900cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8900cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9577cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9577cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t4500dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t4500dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t910dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t910dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1211w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1211w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1218w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1218w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1222we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1222we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1223we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1223we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2560dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2560dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2595dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2595dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3160cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3160cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3190cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3190cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-5590dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-5590dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2050dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2050dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2080dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2080dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2305w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2305w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2315dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2315dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2350dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2350dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2351dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2351dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2352dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2352dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2357dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2357dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2361dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2361dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2366dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2366dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2371dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2371dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2372dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2372dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2375dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2375dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2376dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2376dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2385dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2385dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2386dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2386dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3210cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3210cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3270cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3270cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dnt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dnt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5102dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5102dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5595dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5595dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6402dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6402dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6450dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6450dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l9310cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l9310cdw:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13193,Brother,0.00875,8.8,0.0,1.0,0.0,1.0,1,2020-03-13,1.0,2019-07-31,,,1.0,Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:brother:ads-2400n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2400n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-2800w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2800w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3000n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3000n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3600w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1615nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1615nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1616nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1616nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1617nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1617nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1618w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1618w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1622we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1622we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7180dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7180dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7195dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7195dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-9030cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-9030cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j1100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j1100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j577n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j577n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j582n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j582n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j772dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j772dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j774dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j774dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j972n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j972n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j981n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j981n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j988n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j988n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2531dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2531dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2532dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2532dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2537dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2537dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2541dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2541dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2552dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2552dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3510cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3510cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3517cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3517cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3550cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3550cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3551cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3551cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5500dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5500dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5502dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5502dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5600dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5600dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5602dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5602dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5650dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5650dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5652dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5652dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l6600dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l6600dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l8410cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l8410cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2700dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2700dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2710dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2710dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2380dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2390dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2390dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2395dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2395dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3290cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3290cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-t4000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-t4000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1912wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1912wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1915w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1915w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1916nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1916nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1919nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1919nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7880dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7880dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8535dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8535dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9150cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9150cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9350cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9350cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7720dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7720dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1500n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1500n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1605dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1605dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j491dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j491dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j497dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j497dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5335dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5335dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5630cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5630cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5830dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5830dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6580cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6580cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6583cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6583cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j690dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j690dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6935dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6935dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6947dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6947dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6980cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6980cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6983cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6983cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6995cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6995cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6997cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6997cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6999cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6999cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j815dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j815dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j890dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j890dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j893n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j893n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j898n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j898n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j903n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j903n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dn:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2680w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2680w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2685dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2685dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw\\(oce\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw\\(oce\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2701dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2701dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2703dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2703dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2705dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2705dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2707dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2707dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2713dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2713dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw\\(twn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw\\(twn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2716dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2716dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2717dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2717dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2732dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2732dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2751dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2751dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2752dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2752dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2770dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2770dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2771dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2771dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3710cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3710cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3730cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3730cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3735cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3735cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3745cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3745cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3750cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3750cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5802dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5802dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5850dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5850dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6950dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6950dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6970dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6970dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8690cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8690cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8900cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8900cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9577cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9577cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t4500dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t4500dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t910dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t910dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1211w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1211w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1218w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1218w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1222we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1222we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1223we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1223we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2560dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2560dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2595dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2595dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3160cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3160cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3190cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3190cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-5590dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-5590dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2050dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2050dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2080dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2080dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2305w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2305w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2315dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2315dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2350dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2350dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2351dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2351dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2352dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2352dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2357dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2357dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2361dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2361dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2366dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2366dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2371dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2371dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2372dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2372dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2375dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2375dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2376dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2376dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2385dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2385dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2386dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2386dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3210cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3210cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3270cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3270cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dnt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dnt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5102dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5102dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5595dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5595dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6402dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6402dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6450dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6450dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l9310cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l9310cdw:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13194,Brother,0.00334,7.5,0.0,1.0,0.0,1.0,1,2020-03-13,1.0,2019-07-31,,,1.0,Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:brother:ads-2400n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2400n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-2800w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-2800w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3000n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3000n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:ads-3600w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:ads-3600w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1610wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1610wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1612wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1612wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1615nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1615nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1616nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1616nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1617nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1617nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1618w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1618w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1622we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1622we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-1623wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-1623wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7180dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7180dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-7195dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-7195dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-9030cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-9030cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-b7535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-b7535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j1100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j1100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j572n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j572n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j577n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j577n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j582n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j582n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j772dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j772dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j774dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j774dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j972n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j972n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j973n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j973n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j978n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j978n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j981n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j981n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j982n-w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j982n-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-j988n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-j988n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2520dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2520dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2531dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2531dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2532dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2532dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2537dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2537dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2540dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2540dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2541dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2541dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2550dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2550dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2551dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2551dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2552dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2552dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l2560dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l2560dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3510cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3510cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3517cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3517cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3550cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3550cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l3551cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l3551cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5500dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5500dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5502dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5502dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5600dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5600dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5602dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5602dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5650dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5650dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l5652dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l5652dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l6600dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l6600dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-l8410cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-l8410cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t510w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t510w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:dcp-t710w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:dcp-t710w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2700dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2700dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:fax-l2710dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:fax-l2710dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-j6100dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-j6100dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2380dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2390dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2390dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2395dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2395dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3290cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3290cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-t4000dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-t4000dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1910we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1910we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1911w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1911w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1912wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1912wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1915w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1915w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1916nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1916nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-1919nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-1919nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7880dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7880dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-7895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-7895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8530dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8530dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8535dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8535dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-8540dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-8540dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9150cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9150cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-9350cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-9350cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-b7720dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-b7720dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1500n\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1500n\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j1605dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j1605dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j3930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j3930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j491dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j491dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j497dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j497dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5330dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5330dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5335dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5335dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5630cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5630cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5830dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5830dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5845dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5845dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j5945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j5945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6530dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6530dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6535dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6535dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6545dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6545dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6580cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6580cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6583cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6583cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j690dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j690dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6930dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6930dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6935dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6935dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6945dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6945dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6947dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6947dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6980cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6980cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6983cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6983cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6995cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6995cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6997cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6997cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j6999cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j6999cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j738dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j738dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j805dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j805dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j815dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j815dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j890dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j890dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j893n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j893n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j895dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j895dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j898n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j898n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j903n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j903n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j995dw_xl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j995dw_xl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-j998dwn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-j998dwn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2680w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2680w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2685dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2685dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dw\\(oce\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dw\\(oce\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2700dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2700dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2701dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2701dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2703dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2703dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2705dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2705dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2707dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2707dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2710dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2710dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2712dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2712dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2713dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2713dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2715dw\\(twn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2715dw\\(twn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2716dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2716dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2717dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2717dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2720dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2720dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dn\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dn\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2730dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2730dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2732dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2732dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2740dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2740dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2750dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2750dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2751dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2751dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2752dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2752dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2770dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2770dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l2771dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l2771dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3710cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3710cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3730cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3730cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3735cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3735cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3745cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3745cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3750cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3750cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l3770cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l3770cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5755dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5755dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5802dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5802dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5850dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5850dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l5902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l5902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6700dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6700dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6702dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6702dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6750dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6750dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6800dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6800dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6900dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6900dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6902dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6902dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6950dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6950dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l6970dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l6970dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8610cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8610cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8690cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8690cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l8900cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l8900cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9570cdw\\(jpn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9570cdw\\(jpn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-l9577cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-l9577cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t4500dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t4500dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t810w\\(chn\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t810w\\(chn\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:mfc-t910dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:mfc-t910dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1210wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1210wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1211w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1211w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1212wvb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1212wvb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1218w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1218w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1222we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1222we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-1223we_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-1223we:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2560dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2560dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-2595dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-2595dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3160cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3160cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-3190cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-3190cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-5590dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-5590dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2050dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2050dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-b2080dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-b2080dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2305w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2305w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2315dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2315dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2340dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2340dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2350dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2350dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2351dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2351dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2352dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2352dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2357dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2357dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dnr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dnr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2360dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2360dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2361dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2361dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2365dwr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2365dwr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2366dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2366dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2370dwxl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2370dwxl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2371dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2371dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2372dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2372dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2375dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2375dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2376dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2376dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2385dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2385dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l2386dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l2386dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3210cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3210cw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3230cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3230cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l3270cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l3270cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5100dnt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5100dnt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5102dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5102dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l5595dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l5595dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6200dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6200dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6202dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6202dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6250dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6250dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6300dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6300dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwg_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6400dwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6400dwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6402dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6402dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l6450dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l6450dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8260cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8260cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l8360cdwt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l8360cdwt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:brother:hl-l9310cdw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:brother:hl-l9310cdw:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12582,QNAP,0.00233,9.8,0.0,1.0,0.0,1.0,1,2017-08-18,0.0,,0.0,,,"Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that unprivileged user SID, all function can access at Surveillance Station.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-862'],"['cpe:2.3:o:qnap:ts-212p_firmware:4.2.1:*:*:*:*:*:*:*', 'cpe:2.3:h:qnap:ts-212p:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7631,QNAP,0.00116,6.1,0.0,0.0,0.0,1.0,1,2018-03-27,1.0,2018-03-23,,,1.0,"Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*']",0,0
CVE-2018-0723,QNAP,0.00115,6.1,0.0,0.0,1.0,0.0,1,2018-12-26,1.0,2018-12-26,,,1.0,"Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0724.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"[""cpe:2.3:a:qnap:q\\'center_virtual_appliance:*:*:*:*:*:*:*:*""]",0,0
CVE-2018-0724,QNAP,0.00115,6.1,0.0,0.0,1.0,0.0,1,2018-12-26,1.0,2018-12-26,,,1.0,"Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0723.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"[""cpe:2.3:a:qnap:q\\'center_virtual_appliance:*:*:*:*:*:*:*:*""]",0,0
CVE-2018-19948,QNAP,0.00051,6.5,0.0,0.0,1.0,0.0,1,2020-09-11,1.0,2020-09-09,,,1.0,"The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],['cpe:2.3:a:qnap:helpdesk:*:*:*:*:*:*:*:*'],0,0
CVE-2018-19950,QNAP,0.0026,9.8,0.0,0.0,1.0,1.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:qnap:qts:4.4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19951,QNAP,0.00115,6.1,0.0,0.0,1.0,1.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*']",0,0
CVE-2018-19952,QNAP,0.00112,7.5,0.0,0.0,1.0,1.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-89', 'CWE-20']","['cpe:2.3:o:qnap:qts:4.4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19953,QNAP,0.00379,6.1,0.0,0.0,0.0,1.0,1,2020-10-28,1.0,2020-06-05,,,1.0,"If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*']",0,0
CVE-2018-19954,QNAP,0.00115,6.1,0.0,0.0,1.0,0.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19955,QNAP,0.00115,6.1,0.0,0.0,1.0,0.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2018-19956,QNAP,0.00115,6.1,0.0,0.0,1.0,0.0,1,2020-11-02,1.0,2020-10-30,,,1.0,"The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-13068,QNAP,0.00166,7.5,1.0,0.0,1.0,0.0,0,2017-10-06,1.0,2017-09-29,,,1.0,QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-89'],['cpe:2.3:a:qnap:qts_helpdesk:*:*:*:*:*:*:*:*'],1,0
CVE-2017-13073,QNAP,0.00116,6.1,0.0,0.0,1.0,0.0,0,2018-04-23,1.0,2018-04-23,,,1.0,"Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-17030,QNAP,0.04374,9.8,0.0,0.0,0.0,1.0,0,2017-12-21,1.0,2018-01-03,,,0.0,"A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0358:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0370:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0372:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0374:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0387:beta2:*:*:*:*:*:*']",0,0
CVE-2017-6359,QNAP,0.65056,9.8,1.0,0.0,0.0,1.0,0,2017-03-23,0.0,,0.0,,,QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*'],1,1
CVE-2017-7640,QNAP,0.00489,9.8,0.0,0.0,1.0,1.0,0,2018-03-08,1.0,2018-03-08,,,1.0,"QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*']",0,0
CVE-2017-7876,QNAP,0.29056,9.8,0.0,0.0,0.0,1.0,0,2017-06-15,1.0,2017-07-12,,,0.0,"This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. QNAP have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3.0174 build 20170503 and later versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-77'],['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*'],0,0
CVE-2018-0708,QNAP,0.17099,8.8,1.0,0.0,1.0,0.0,0,2018-07-17,1.0,2018-07-10,,,1.0,Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"[""cpe:2.3:a:qnap:q\\'center:*:*:*:*:*:*:*:*""]",1,1
CVE-2018-0712,QNAP,0.00288,9.8,0.0,0.0,0.0,1.0,0,2018-06-21,1.0,2018-06-19,,,1.0,"Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*']",0,0
CVE-2018-0721,QNAP,0.00224,9.8,0.0,0.0,0.0,1.0,0,2018-11-27,1.0,2018-09-20,,,1.0,Buffer Overflow vulnerability in NAS devices. QTS allows attackers to run arbitrary code. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L,NETWORK,HIGH,LOW,NONE,CHANGED,LOW,HIGH,LOW,HIGH,1.8,5.3,"['CWE-119', 'CWE-120']","['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*']",0,0
CVE-2018-14746,QNAP,0.00274,9.8,0.0,0.0,0.0,1.0,0,2018-11-28,1.0,2018-11-22,,,1.0,"Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.5:*:*:*:*:*:*:*']",0,0
CVE-2018-14748,QNAP,0.00209,7.5,0.0,0.0,0.0,1.0,0,2018-11-28,1.0,2018-11-22,,,1.0,"Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-863'],"['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.5:*:*:*:*:*:*:*']",0,0
CVE-2018-19942,QNAP,0.00115,6.1,0.0,0.0,0.0,1.0,0,2021-04-16,1.0,2021-04-16,,,1.0,"A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QTS 4.5.1.1456 build 20201015 (and later) QTS 4.3.6.1446 build 20200929 (and later) QTS 4.3.4.1463 build 20201006 (and later) QTS 4.3.3.1432 build 20201006 (and later) QTS 4.2.6 build 20210327 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.4.1601 build 20210309 (and later) QuTScloud c4.5.3.1454 build 20201013 (and later)",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0095:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0096:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0136:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0154:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0174:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0188:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0210:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0229:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0238:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0262:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0299:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0351:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0353:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0361:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0369:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0378:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0396:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0404:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0416:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0418:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0448:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0514:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0546:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0570:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0868:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.0998:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1051:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1098:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1161:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1252:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1315:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3.1386:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0358:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0358:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0370:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0370:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0372:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0372:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0374:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0374:beta1:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0387:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0387:beta2:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0411:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0416:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0427:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0434:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0435:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0451:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0483:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0486:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0506:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0516:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0526:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0551:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0557:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0561:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0569:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0593:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0597:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0604:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.0899:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1029:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1082:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1190:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1282:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1368:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4.1417:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0895:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0907:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0923:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0944:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0959:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0979:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0993:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1013:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1033:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1070:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1154:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1218:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1263:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1286:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1333:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1411:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.5.1:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.5.2:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:h4.5.1:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:h4.5.1:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qutscloud:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qutscloud:c4.5.3:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qutscloud:c4.5.4:-:*:*:*:*:*:*']",0,0
CVE-2018-19943,QNAP,0.00176,5.4,0.0,0.0,0.0,1.0,0,2020-10-28,1.0,2020-06-05,,,1.0,"If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:-:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*']",0,0
CVE-2019-7181,QNAP,0.27907,7.5,1.0,0.0,1.0,0.0,0,2019-05-09,1.0,2019-05-09,,,1.0,Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],['cpe:2.3:a:qnap:myqnapcloud:*:*:*:*:*:*:*:*'],1,0
CVE-2019-7185,QNAP,0.00066,4.8,0.0,0.0,1.0,1.0,0,2019-12-05,1.0,2019-12-05,,,1.0,"This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:4.4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*']",0,0
CVE-2019-7193,QNAP,0.95151,9.8,0.0,0.0,0.0,1.0,0,2019-12-05,1.0,2019-12-05,,,1.0,"This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:qnap:qts:4.3.6.0895:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0907:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0923:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0944:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0959:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0979:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.0993:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1013:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6.1033:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.0948:beta:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.0949:beta:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.0978:beta_2:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.0998:beta_3:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.0999:beta_3:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.1031:beta_4:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.4.1.1033:beta_4:*:*:*:*:*:*']",0,0
CVE-2019-7201,QNAP,0.00042,7.8,0.0,0.0,1.0,0.0,0,2019-12-04,1.0,2019-12-02,,,1.0,An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-428'],['cpe:2.3:a:qnap:netbak_replicator:*:*:*:*:*:*:*:*'],0,0
CVE-2020-2495,QNAP,0.00115,6.1,0.0,0.0,0.0,1.0,0,2020-12-10,1.0,2020-12-07,,,1.0,"If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*']",0,0
CVE-2020-2504,QNAP,0.00244,7.5,0.0,0.0,1.0,0.0,0,2020-12-24,1.0,2020-12-23,,,1.0,"If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-22', 'CWE-20']","['cpe:2.3:a:qnap:qes:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:-:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200211:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200303:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200319:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200424:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200515:*:*:*:*:*:*', 'cpe:2.3:a:qnap:qes:2.1.1:build_20200811:*:*:*:*:*:*']",0,0
CVE-2020-2508,QNAP,0.0012,7.2,0.0,0.0,0.0,1.0,0,2021-01-11,1.0,2021-01-11,,,1.0,"A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later)",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*']",0,0
CVE-2020-25847,QNAP,0.0012,8.8,0.0,0.0,0.0,1.0,0,2020-12-29,1.0,2020-12-23,,,1.0,This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*']",0,0
CVE-2020-36194,QNAP,0.00075,6.1,0.0,0.0,0.0,1.0,0,2021-07-01,1.0,2021-07-01,,,1.0,"An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.2.1566 Build 20210202. QNAP Systems Inc. QuTS hero versions prior to h4.5.2.1638 build 20210414. This issue does not affect: QNAP Systems Inc. QTS 4.5.3.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28803,QNAP,0.00052,5.4,0.0,0.0,1.0,0.0,0,2021-07-01,1.0,2021-07-01,,,1.0,This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,"['CWE-79', 'CWE-80']","[""cpe:2.3:a:qnap:q\\'center:*:*:*:*:*:*:*:*""]",0,0
CVE-2021-28809,QNAP,0.00576,9.8,0.0,0.0,1.0,1.0,0,2021-07-08,1.0,2021-07-06,,,1.0,"An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system.QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS 3 v3.0.210507 and later QTS 4.3.4: HBS 3 v3.0.210506 and later QTS 4.3.3: HBS 3 v3.0.210506 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-284'],"['cpe:2.3:a:qnap:hybrid_backup_sync:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:-:*:*:*:*:*:*', 'cpe:2.3:a:qnap:hybrid_backup_sync:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.4:-:*:*:*:*:*:*', 'cpe:2.3:a:qnap:hybrid_backup_sync:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:-:*:*:*:*:*:*']",0,0
CVE-2021-28816,QNAP,0.00088,8.8,0.0,0.0,0.0,1.0,0,2021-09-10,1.0,2021-09-10,,,1.0,"A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QTS 4.3.3.1693 build 20210624 and later QTS 4.3.6.1750 build 20210730 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qutscloud:*:*:*:*:*:*:*:*']",0,0
CVE-2021-34355,QNAP,0.00066,5.4,0.0,1.0,1.0,0.0,0,2021-10-01,1.0,2021-10-01,,,1.0,"A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 5.4.10 ( 2021/08/19 ) and later Photo Station 5.7.13 ( 2021/08/19 ) and later Photo Station 6.0.18 ( 2021/09/01 ) and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:h:qnap:nas:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34356,QNAP,0.00066,5.4,0.0,1.0,1.0,0.0,0,2021-10-01,1.0,2021-10-01,,,1.0,"A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.18 ( 2021/09/01 ) and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:h:qnap:nas:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34361,QNAP,0.00105,6.1,0.0,0.0,1.0,1.0,0,2022-02-25,1.0,2022-02-25,,,1.0,"A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:qnap:nas_proxy_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*']",0,0
CVE-2021-38675,QNAP,0.00066,5.4,0.0,1.0,0.0,0.0,0,2021-10-01,1.0,2021-10-01,,,1.0,"A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Image2PDF: Image2PDF 2.1.5 ( 2021/08/17 ) and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:a:qnap:image2pdf:*:*:*:*:*:*:*:*', 'cpe:2.3:h:qnap:nas:-:*:*:*:*:*:*:*']",0,0
CVE-2021-38684,QNAP,0.00327,9.8,0.0,0.0,1.0,0.0,0,2021-11-13,1.0,2021-11-12,,,1.0,"A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:qnap:multimedia_console:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:multimedia_console:1.5.2:*:*:*:*:*:*:*']",0,0
CVE-2021-38687,QNAP,0.00327,9.8,0.0,0.0,1.0,1.0,0,2021-12-29,1.0,2021-12-10,,,1.0,"A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Surveillance Station: QTS 5.0.0 (64 bit): Surveillance Station 5.2.0.4.2 ( 2021/10/26 ) and later QTS 5.0.0 (32 bit): Surveillance Station 5.2.0.3.2 ( 2021/10/26 ) and later QTS 4.3.6 (64 bit): Surveillance Station 5.1.5.4.6 ( 2021/10/26 ) and later QTS 4.3.6 (32 bit): Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later QTS 4.3.3: Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:a:qnap:surveillance_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:5.0.0:*:*:*:*:*:x64:*', 'cpe:2.3:a:qnap:surveillance_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:5.0.0:*:*:*:*:*:x86:*', 'cpe:2.3:a:qnap:surveillance_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:x64:*', 'cpe:2.3:a:qnap:surveillance_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:x86:*', 'cpe:2.3:a:qnap:surveillance_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*']",0,0
CVE-2021-44051,QNAP,0.00175,8.8,0.0,0.0,1.0,1.0,0,2022-05-05,1.0,2022-05-06,,,0.0,"A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 5.0.0.1986 build 20220324 and later",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:a:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20210327:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.2.6:build_20211215:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qutscloud:*:*:*:*:*:*:*:*']",0,0
CVE-2021-44056,QNAP,0.00181,9.8,0.0,0.0,1.0,0.0,0,2022-05-05,1.0,2022-05-06,,,0.0,"An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later Video Station 5.3.13 and later Video Station 5.1.8 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*']",0,0
CVE-2022-27588,QNAP,0.0016,9.8,0.0,0.0,1.0,0.0,0,2022-05-05,1.0,2022-05-06,,,0.0,We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],['cpe:2.3:a:qnap:qvr:*:*:*:*:*:*:*:*'],0,0
CVE-2022-27593,QNAP,0.58604,9.1,0.0,0.0,1.0,1.0,0,2022-09-08,1.0,2022-09-03,,,1.0,"An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['CWE-610'],"['cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:5.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*', 'cpe:2.3:o:qnap:qts:5.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*']",0,0
CVE-2017-13719,Amcrest,0.03149,9.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encoded in the Authorization HTTP header. However, a missing length check in the code allows an attacker to send a string of 1024 characters in the password field, and allows an attacker to exploit a memory corruption issue. This can allow an attacker to circumvent the account protection mechanism and brute force the credentials. If the firmware version Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that has many of the binaries in the /usr folder. The binary ""sonia"" is the one that has the vulnerable function that performs the credential check in the binary for the HTTP API specification. If we open this binary in IDA Pro we will notice that this follows an ARM little-endian format. The function at address 00415364 in IDA Pro starts the HTTP authentication process. This function calls another function at sub_ 0042CCA0 at address 0041549C. This function performs a strchr operation after base64 decoding the credentials, and stores the result on the stack, which results in a stack-based buffer overflow.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:amcrest:ipm-721s_firmware:amcrest_ipc-awxx_eng_n_v2.420.ac00.17.r.20170322:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8226,Amcrest,0.05998,9.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary ""sonia"" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro, one will notice that this follows a ARM little endian format. The function sub_3DB2FC in IDA pro is identified to be setting up the values at address 0x003DB5A6. The sub_5C057C then sets this value and adds it to the Configuration files in /mnt/mtd/Config/Account1 file.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-8227,Amcrest,0.08174,9.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt is performed using the ONVIF specification (which is supported by the same binary) then there is no account lockout or timeout executed. This can allow an attacker to circumvent the account protection mechanism and brute force the credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary ""sonia"" is the one that has the vulnerable function that performs the credential check in the binary for the ONVIF specification. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function at address 00671618 in IDA pro is parses the WSSE security token header. The sub_ 603D8 then performs the authentication check and if it is incorrect passes to the function sub_59F4C which prints the value ""Sender not authorized.""",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-254'],"['cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8228,Amcrest,0.00663,8.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user actually owns the camera other than knowing the serial number of the camera. This can allow an attacker who knows the serial number to easily add another user's camera to an attacker's cloud account and control it completely. This is possible in case of any camera that is currently not a part of an Amcrest cloud account or has been removed from the user's cloud account. Also, another requirement for a successful attack is that the user should have rebooted the camera in the last two hours. However, both of these conditions are very likely for new cameras that are sold over the Internet at many ecommerce websites or vendors that sell the Amcrest products. The successful attack results in an attacker being able to completely control the camera which includes being able to view and listen on what the camera can see, being able to change the motion detection settings and also be able to turn the camera off without the user being aware of it. Note: The same attack can be executed using the Amcrest Cloud mobile application.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-264'],"['cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8229,Amcrest,0.87259,9.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary ""sonia"" is the one that has the vulnerable function that sets up the default credentials on the device. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function sub_436D6 in IDA pro is identified to be setting up the configuration for the device. If one scrolls to the address 0x000437C2 then one can see that /current_config is being set as an ALIAS for /mnt/mtd/Config folder on the device. If one TELNETs into the device and navigates to /mnt/mtd/Config folder, one can observe that it contains various files such as Account1, Account2, SHAACcount1, etc. This means that if one navigates to http://[IPofcamera]/current_config/Sha1Account1 then one should be able to view the content of the files. The security researchers assumed that this was only possible only after authentication to the device. However, when unauthenticated access tests were performed for the same URL as provided above, it was observed that the device file could be downloaded without any authentication.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-255'],"['cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-8230,Amcrest,0.00202,8.8,0.0,1.0,0.0,1.0,1,2019-07-03,0.0,,1.0,2019-06-07,,"On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups ""admin"" and ""user"". However, as a part of security analysis it was identified that a low privileged user who belongs to the ""user"" group and who has access to login in to the web administrative interface of the device can add a new administrative user to the interface using HTTP APIs provided by the device and perform all the actions as an administrative user by using that account. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squashfs.img.extracted archive which contains the filesystem set up on the device that many of the binaries in the /usr folder. The binary ""sonia"" is the one that has the vulnerable functions that performs the various action described in HTTP APIs. If one opens this binary in IDA-pro one will notice that this follows a ARM little endian format. The function at address 0x00429084 in IDA pro is the one that processes the HTTP API request for ""addUser"" action. If one traces the calls to this function, it can be clearly seen that the function sub_ 41F38C at address 0x0041F588 parses the call received from the browser and passes it to the ""addUser"" function without any authorization check.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-264'],"['cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721s:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16546,Amcrest,0.00234,5.9,0.0,0.0,0.0,1.0,1,2018-09-05,0.0,,0.0,,,"Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-798'],['cpe:2.3:o:amcrest:amcrest_ipc-hx1x3x-lexus_eng_n_amcrest:v2.420.ac01.3.r.20180206:*:*:*:*:*:*:*'],0,0
CVE-2019-3948,Amcrest,0.07383,7.5,1.0,1.0,0.0,1.0,1,2019-07-29,1.0,2019-08-02,,,0.0,"The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0.R, Dahua DH-IPC HX883X and DH-IPC-HX863X V2.622.0000000.7.R, Dahua DH-SD4XXXXX V2.623.0000000.7.R, Dahua DH-SD5XXXXX V2.623.0000000.1.R, Dahua DH-SD6XXXXX V2.640.0000000.2.R and V2.623.0000000.1.R, Dahua NVR5XX-4KS2 V3.216.0000006.0.R, Dahua NVR4XXX-4KS2 V3.216.0000006.0.R, and NVR2XXX-4KS2 do not require authentication to access the HTTP endpoint /videotalk. An unauthenticated, remote person can connect to this endpoint and potentionally listen to the audio of the capturing device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:amcrest:ip2m-841b_firmware:2.520.ac00.18.r:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-841b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:dh-ipc-hx863x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:dh-ipc-hx883x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:dh-sd4xxxxx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:dh-sd5xxxxx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:dh-sd6xxxxx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:ipc-hx4x3x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:ipc-hx5x3x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:ipc-xxbxx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:nvr2xxx-4ks2:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:nvr4xxx-4ks2:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahua:nvr5xxx-4ks2:*:*:*:*:*:*:*:*']",1,1
CVE-2020-5735,Amcrest,0.02271,8.8,1.0,1.0,0.0,1.0,0,2020-04-08,1.0,2020-07-04,,,0.0,Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*']",1,0
CVE-2020-5736,Amcrest,0.00149,6.5,0.0,1.0,0.0,1.0,0,2020-04-08,1.0,2020-07-04,,,0.0,Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],"['cpe:2.3:o:amcrest:1080-lite_8ch_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:1080-lite_8ch:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:amdv10814-h5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:amdv10814-h5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ipm-721_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-721:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-841_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-841:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-841-v3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-841-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-853ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-853ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-858w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-858w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-866w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-866w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip2m-866ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip2m-866ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip4m-1053ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip4m-1053ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2454ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2454ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2493eb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2493eb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2496eb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2496eb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-2597e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-2597e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-mb2546ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-mb2546ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-mt2544ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-mt2544ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ip8m-t2499ew_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ip8m-t2499ew:-:*:*:*:*:*:*:*', 'cpe:2.3:o:amcrest:ipm-hx1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amcrest:ipm-hx1:-:*:*:*:*:*:*:*']",0,0
CVE-2020-7222,Amcrest,0.00126,5.3,0.0,0.0,1.0,0.0,0,2020-01-18,0.0,,0.0,,,An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-287'],['cpe:2.3:a:amcrest:web_server:2.520.ac00.18.r:*:*:*:*:*:*:*'],0,0
CVE-2017-13774,Hikvision,0.00042,7.8,0.0,0.0,1.0,0.0,1,2017-08-30,0.0,,0.0,,,Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-200'],['cpe:2.3:a:hikvision:ivms-4200:*:*:*:*:*:*:*:*'],0,0
CVE-2017-14953,Hikvision,0.00071,6.5,0.0,1.0,0.0,1.0,1,2017-12-01,0.0,,1.0,2017-11-28,,"HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-311'],"['cpe:2.3:o:hikvision:ds-2cd2432f-iw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2432f-iw:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7921,Hikvision,0.01124,10.0,0.0,1.0,0.0,1.0,1,2017-05-06,1.0,2017-05-04,,,1.0,"An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-287'],"['cpe:2.3:o:hikvision:ds-2cd2032-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2112-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2132-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2212-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2232-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2312-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2332-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2412f-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2432f-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2512f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2532f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2612f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2632f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2712f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2732f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4112f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4112fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4124f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4132fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd6412fwd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2032-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2112-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2132-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2212-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2232-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2312-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2332-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2412f-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2432f-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2512f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2532f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2612f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2632f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2712f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2732f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4112f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4112fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4124f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4132fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd6412fwd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dfx_series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dfx_series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd63xx_series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd63xx_series:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7923,Hikvision,0.00235,8.8,0.0,1.0,0.0,1.0,1,2017-05-06,1.0,2017-05-04,,,1.0,"A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-200', 'CWE-260']","['cpe:2.3:o:hikvision:ds-2cd2032-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2112-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2132-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2212-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2232-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2312-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2332-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2412f-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2432f-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2512f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2532f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2612f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2632f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2712f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2732f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2t32-i8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012f-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4012fwd-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4024f-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(a\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(p\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4032fwd-\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4112f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4112fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4124f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4132fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4212fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4224f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4232fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4312f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4324f-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(h\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd4332fwd-i\\(z\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd6412fwd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2032-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2112-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2132-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2212-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2232-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2312-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2332-i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2412f-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2432f-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2512f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2532f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2612f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2632f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2712f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2732f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2t32-i8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012f-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4012fwd-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4024f-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(a\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(p\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4032fwd-\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4112f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4112fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4124f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4132fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4212fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4224f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4232fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4312f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4324f-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(h\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd4332fwd-i\\(z\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd6412fwd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dfx_series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dfx_series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd63xx_series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd63xx_series:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6413,Hikvision,0.00209,7.5,0.0,1.0,0.0,1.0,1,2018-04-18,0.0,,0.0,,,"There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:h:hikvision:ds-2cd9111-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd9111-s_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-28171,Hikvision,0.22916,9.8,0.0,1.0,0.0,1.0,1,2022-06-27,1.0,2022-06-23,,,1.0,"The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-77', 'CWE-78']","['cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71048:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71048_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71072r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71072r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a80624s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a80624s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a81016s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a81016s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72072r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72072r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a80316s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a80316s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a82024d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a82024d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71048r-cvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72048r-cvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72048r-cvs:-:*:*:*:*:*:*:*']",1,0
CVE-2022-28172,Hikvision,0.00082,6.1,0.0,1.0,0.0,1.0,1,2022-06-27,1.0,2022-06-23,,,1.0,"The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71048:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71048_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71072r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71072r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a80624s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a80624s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a81016s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a81016s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72072r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72072r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a80316s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a80316s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a82024d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a82024d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a71048r-cvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a71048r-cvs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72024_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72024:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-a72048r-cvs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-a72048r-cvs:-:*:*:*:*:*:*:*']",0,0
CVE-2020-7057,Hikvision,0.00126,5.3,0.0,1.0,0.0,1.0,0,2020-01-14,0.0,,0.0,,,"Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogin/capabilities login attempts depending on whether the user account exists, which might make it easier to enumerate users. However, only about 4 or 5 failed logins are allowed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-307'],"['cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:4.0.1:180903:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-36260,Hikvision,0.97462,9.8,1.0,1.0,0.0,1.0,0,2021-09-22,1.0,2021-09-19,,,1.0,"A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:hikvision:ds-2cd2026g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2026g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2046g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2046g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2066g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2066g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2066g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2066g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2086g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2086g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2086g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2086g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2166g2-i\\(su\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2166g2-i\\(su\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2186g2-i\\(su\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2186g2-i\\(su\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2186g2-isu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2186g2-isu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2326g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2326g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2346g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2346g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2366g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2366g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2366g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2366g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2386g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2386g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2386g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2386g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2426g2-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2426g2-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2446g2-i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2446g2-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2526g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2526g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2526g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2526g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2546g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2546g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2566g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2566g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2586g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2586g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2626g2-izsu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2626g2-izsu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2646g2-izsu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2646g2-izsu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2666g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2666g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2666g2-izsu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2666g2-izsu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2686g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2686g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2686g2-izsu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2686g2-izsu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2766g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2766g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2786g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2786g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2027g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2027g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2047g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2047g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2027g2-lu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2027g2-lu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2087g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2087g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2127g2-\\(-su\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2127g2-\\(-su\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2147g2-l\\(su\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2147g2-l\\(su\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2327g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2327g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2347g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2347g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2347g2-lsu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2347g2-lsu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2387g2-l\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2387g2-l\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2527g2-ls_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2527g2-ls:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2547g2-ls_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2547g2-ls:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2547g2-lzs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2547g2-lzs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g0-i\\(w\\)\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g0-i\\(w\\)\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2321g0-i\\/nf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2321g0-i\\/nf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2421g0-i\\(d\\)\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2421g0-i\\(d\\)\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2421g0-i\\(d\\)w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2421g0-i\\(d\\)w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2621g0-i\\(z\\)\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2621g0-i\\(z\\)\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2721g0-i\\(z\\)\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2721g0-i\\(z\\)\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g1-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g1-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g1-idw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g1-idw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2023g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2023g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2043g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2043g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2063g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2063g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2083g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2083g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2123g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2123g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2123g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2123g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2143g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2143g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2143g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2143g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2163g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2163g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2163g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2163g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2183g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2183g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2183g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2183g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2323g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2323g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2343g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2343g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2363g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2363g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2183g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2183g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2523g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2523g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2543g2-i\\(ws\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2543g2-i\\(ws\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2563g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2563g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2583g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2583g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2623g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2623g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2643g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2643g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2663g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2663g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2683g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2683g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2723g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2723g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2743g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2743g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2763g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2763g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2783g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2783g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3023g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3023g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3043g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3043g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3063g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3063g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3123g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3123g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3143g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3143g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3163g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3163g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3323g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3323g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3343g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3343g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3363g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3363g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3523g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3523g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3543g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3543g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3563g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3563g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3623g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3623g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3643g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3643g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3663g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3663g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3723g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3723g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3743g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3743g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3763g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3763g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2021g1-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2021g1-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g1-idw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g1-idw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2021g1-i\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2021g1-i\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2121g1-idw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2121g1-idw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2023g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2023g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2043g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2043g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2063g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2063g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2083g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2083g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2123g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2123g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2123g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2123g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2143g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2143g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2143g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2143g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2163g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2163g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2183g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2183g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2183g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2183g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2323g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2323g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2343g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2343g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2363g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2363g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2383g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2383g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2523g2-i\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2523g2-i\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2523g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2523g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2543g2-i\\(ws\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2543g2-i\\(ws\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2563g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2563g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2583g2-i\\(s\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2583g2-i\\(s\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2623g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2623g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2643g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2643g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2663g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2663g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2683g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2683g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2723g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2723g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2743g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2743g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2763g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2763g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd2783g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd2783g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3026g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3026g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3056g2iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3056g2iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3126g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3126g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3126g2-is\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3126g2-is\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3156g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3156g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3156g2-is\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3156g2-is\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3186g2-is\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3186g2-is\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3326g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3326g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3356g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3356g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3356g2-is\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3356g2-is\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3356g2-isu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3356g2-isu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3386g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3386g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3386g2-is\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3386g2-is\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3526g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3526g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3556g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3556g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3586g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3586g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3626g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3626g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3726g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3726g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3026g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3026g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3056g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3056g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3056g2-iu\\/sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3056g2-iu\\/sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3086g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3086g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3656g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3656g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3686g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3686g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3756g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3756g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3786g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3786g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3047g2-ls_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3047g2-ls:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3347g2-ls\\(u\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3347g2-ls\\(u\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3547g2-ls_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3547g2-ls:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3023g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3023g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3043g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3043g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3063g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3063g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3123g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3123g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3143g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3143g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3163g2-i\\(s\\)u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3163g2-i\\(s\\)u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3323g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3323g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3343g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3343g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3363g2-iu_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3363g2-iu:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3523g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3523g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3543g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3543g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3563g2-is_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3563g2-is:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3623g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3623g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3643g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3643g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3663g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3663g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3723g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3723g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3743g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3743g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2cd3763g2-izs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2cd3763g2-izs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2xe6242f-is\\/316l\\(b\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2xe6242f-is\\/316l\\(b\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2xe6422fwd-izhrs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2xe6422fwd-izhrs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2xe6442f-izhrs\\(b\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2xe6442f-izhrs\\(b\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2xe6452f-izh\\(r\\)s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2xe6452f-izh\\(r\\)s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2xe6482f-izhrs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2xe6482f-izhrs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dyh2a0ixs-d\\(t2\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dyh2a0ixs-d\\(t2\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9236i8x-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9236i8x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9236i8x-a\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9236i8x-a\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9236ix-a\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9236ix-a\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9236x-a\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9236x-a\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9240ix-a\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9240ix-a\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy9250izs-a\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy9250izs-a\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2dy92500x-a\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2dy92500x-a\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n2204i-de3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n2204i-de3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n2404i-de3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n2404i-de3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n4215-de3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n4215-de3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n4215i-de_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n4215i-de:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n4225i-de_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n4225i-de:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ptz-n5225i-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ptz-n5225i-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df5225x-ae3\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df5225x-ae3\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df5225x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df5225x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df5232x-ae3\\)t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df5232x-ae3\\)t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df5232x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df5232x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a225x-ael\\)t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a225x-ael\\)t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a236x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a236x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a425x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a425x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a436x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a436x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a436x-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a436x-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a436x-aely\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a436x-aely\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a825x-ael_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a825x-ael:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df6a836x-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df6a836x-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df7225ix-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df7225ix-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df7225ix-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df7225ix-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df7232ix-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df7232ix-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df7232ix-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df7232ix-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ih-ael_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ih-ael:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ih-ael\\(w\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ih-ael\\(w\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ix-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ix-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ix-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ix-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ix-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ix-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8225ix-aelw\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8225ix-aelw\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8236i5x-aelw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8236i5x-aelw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242i5x-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242i5x-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242i5x-aelw\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242i5x-aelw\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242i5x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242i5x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242ix-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242ix-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242ix-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242ix-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8242ix-aely\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8242ix-aely\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8250i8x-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8250i8x-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8425ix-ael\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8425ix-ael\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8425ix-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8425ix-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8425ix-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8425ix-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8425ix-aelw\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8425ix-aelw\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8436i5x-aelw\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8436i5x-aelw\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8442ixs-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8442ixs-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8442ixs-aelw\\(t2\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8442ixs-aelw\\(t2\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8442ixs-aelw\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8442ixs-aelw\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8442ixs-aelwy\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8442ixs-aelwy\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8442ixs-aely\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8442ixs-aely\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442ixs-ael\\(t2\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442ixs-ael\\(t2\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442ixs-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442ixs-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442ixs-aely\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442ixs-aely\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442ixs-af\\/sp\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442ixs-af\\/sp\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442nxs-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442nxs-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442ixs-af\\/sp\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442ixs-af\\/sp\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a442nxs-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a442nxs-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2df8a842ixs-ael\\(t5\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2df8a842ixs-ael\\(t5\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ids-2pt9a144mxs-d\\/t2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ids-2pt9a144mxs-d\\/t2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ids-2sk718mxs-d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ids-2sk718mxs-d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ids-2sk8144ixs-d\\/j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ids-2sk8144ixs-d\\/j:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ids-2vs435-f840-ey_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ids-2vs435-f840-ey:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ids-2vs435-f840-ey\\(t3\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ids-2vs435-f840-ey\\(t3\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td1217b-3\\/pa_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td1217b-3\\/pa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td1217b-6\\/pa_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td1217b-6\\/pa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td1117-2\\/pa_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td1117-2\\/pa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td1117-3\\/pa_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td1117-3\\/pa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td1117-6\\/pa_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td1117-6\\/pa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4136t-9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4136t-9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4137-25\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4137-25\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4137-50\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4137-50\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4166t-9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4166t-9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4167-25\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4167-25\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td4167-50\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td4167-50\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6236t-50h2l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6236t-50h2l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6237-50h4l\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6237-50h4l\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6237-75c4l\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6237-75c4l\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6266t-25h2l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6266t-25h2l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6266t-50h2l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6266t-50h2l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6267-100c4l\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6267-100c4l\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6267-100c4l\\/wy_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6267-100c4l\\/wy:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6267-50h4l\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6267-50h4l\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6267-75c4l\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6267-75c4l\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td6267-75c4l\\/wy_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td6267-75c4l\\/wy:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8166-100c2f\\/v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8166-100c2f\\/v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8166-150ze2f\\/v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8166-150ze2f\\/v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8166-150zh2f\\/v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8166-150zh2f\\/v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8166-180ze2f\\/v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8166-180ze2f\\/v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8166-75c2f\\/v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8166-75c2f\\/v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8167-150zc4f\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8167-150zc4f\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8167-190ze2f\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8167-190ze2f\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8167-190ze2f\\/wy_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8167-190ze2f\\/wy:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8167-230zg2f\\/w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8167-230zg2f\\/w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-2td8167-230zg2f\\/wy_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-2td8167-230zg2f\\/wy:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7604ni-k1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7604ni-k1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-760ni-k1\\/4p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-760ni-k1\\/4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7604ni-k1\\/4p\\/4g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7604ni-k1\\/4p\\/4g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-k1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-k1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-k1\\/4g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-k1\\/4g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-k1\\/8p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-k1\\/8p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-k1\\/8p\\/4g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-k1\\/8p\\/4g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7616ni-k1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7616ni-k1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7604ni-q1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7604ni-q1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7604ni-q1\\/4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7604ni-q1\\/4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-q1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-q1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-q1\\/8p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-q1\\/8p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-q2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-q2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7608ni-q2\\/8p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7608ni-q2\\/8p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7616ni-q1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7616ni-q1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7616ni-q2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7616ni-q2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7616ni-q2\\/16p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7616ni-q2\\/16p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7104ni-q1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7104ni-q1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7104ni-q1\\/4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7104ni-q1\\/4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7104ni-q1\\/4p\\/m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7104ni-q1\\/4p\\/m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7104ni-q1\\/m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7104ni-q1\\/m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7108ni-q1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7108ni-q1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7108ni-q1\\/8p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7108ni-q1\\/8p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7108ni-q1\\/8p\\/m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7108ni-q1\\/8p\\/m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hikvision:ds-7108ni-q1\\/m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hikvision:ds-7108ni-q1\\/m:-:*:*:*:*:*:*:*']",1,0
CVE-2017-14111,Philips,0.00216,7.2,0.0,0.0,1.0,0.0,1,2017-11-17,0.0,,1.0,2017-11-14,,"The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-522'],"['cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:xcelera:*:*:*:*:*:*:*:*']",0,0
CVE-2017-14797,Philips,0.00266,7.5,0.0,1.0,0.0,1.0,1,2017-10-01,0.0,,0.0,,,"Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network.",CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-326'],"['cpe:2.3:o:philips:hue_bridge_bsb002_firmware:1707040932:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:hue_bridge_bsb002:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9656,Philips,0.00233,9.1,0.0,0.0,1.0,0.0,1,2018-04-24,0.0,,1.0,2017-08-17,,"The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevated privileges are first required for an attacker to access the web application backend system files that contain the hard-coded credentials. Successful exploitation may allow a remote attacker to gain access to the database of the DWP application, which contains PHI. CVSS v3 base score: 9.1, CVSS vector string: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.3,6.0,['CWE-798'],"['cpe:2.3:a:philips:dosewise:1.1.7.333:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:dosewise:2.1.1.3069:*:*:*:*:*:*:*']",0,0
CVE-2017-9658,Philips,0.00117,6.5,0.0,1.0,0.0,0.0,1,2018-04-30,1.0,2017-09-12,,,1.0,"Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access point. During this state, the Philips IntelliVue MX40 Version B.06.18 can either connect to an alternative access point within signal range for association to a central monitoring station, or it can remain in local monitoring mode until the device is reset by hospital staff. CVSS v3 base score: 6.5, CVSS vector string: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Philips has released software update, Version B.06.18, to fix the improper cleanup on thrown exception vulnerability, and implement mitigations to reduce the risk associated with the improper handling of exceptional conditions vulnerability. The software update implements messaging and alarming on the MX40 and at the central monitoring station, when the MX40 disconnects from the access point.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-755'],"['cpe:2.3:o:philips:intellivue_mx40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx40:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10599,Philips,0.00067,5.3,0.0,1.0,0.0,1.0,1,2018-06-05,0.0,,1.0,2018-06-05,,"IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet.",CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.6,3.6,['CWE-200'],"['cpe:2.3:o:philips:intellivue_mp2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_x2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_x2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp30_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mp30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mp50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp70_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mp70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_np90_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_np90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_x3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_x3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm30_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:avalon_fetal\\/maternal_monitors_fm50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:avalon_fetal\\/maternal_monitors_fm50:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14789,Philips,0.00044,6.7,0.0,0.0,1.0,0.0,1,2018-08-22,1.0,2018-08-14,,,1.0,"In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and escalate their level of privileges.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-428'],"['cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:xcelera:*:*:*:*:*:*:*:*']",0,0
CVE-2018-14803,Philips,0.00126,5.3,0.0,1.0,0.0,1.0,1,2018-09-26,1.0,2018-06-30,,,1.0,"Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The Philips e-Alert contains a banner disclosure vulnerability that could allow attackers to obtain extraneous product information, such as OS and software components, via the HTTP response header that is normally not available to the attacker, but might be useful information in an attack.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:e-alert:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17906,Philips,0.00076,8.8,0.0,0.0,1.0,0.0,1,2018-11-19,0.0,,1.0,2018-11-08,,"Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-1188', 'CWE-521']","['cpe:2.3:a:philips:intellispace_pacs:*:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:isite_pacs:*:*:*:*:*:*:*:*']",0,0
CVE-2018-8846,Philips,0.0014,6.1,0.0,0.0,0.0,1.0,1,2018-09-26,1.0,2018-06-30,,,1.0,"Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2018-8850,Philips,0.00936,9.8,0.0,0.0,0.0,1.0,1,2018-09-26,1.0,2018-06-30,,,1.0,"Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],['cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2018-8853,Philips,0.00053,8.8,0.0,1.0,0.0,1.0,1,2018-05-04,0.0,,1.0,2019-10-10,,"Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated privileges in Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior. Also, attackers may gain access to unauthorized resources from the underlying Windows operating system.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,2.0,6.0,"['CWE-269', 'CWE-250']","['cpe:2.3:o:philips:brilliance_firmware_64:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:brilliance_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:brilliance_ict_sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:brilliance_ict_sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:brilliance_ict_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:brilliance_ict:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:_brilliance_ct_big_bore_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:_brilliance_ct_big_bore:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8856,Philips,0.00348,9.8,0.0,0.0,0.0,1.0,1,2018-09-26,1.0,2018-06-30,,,1.0,"Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],['cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*'],0,0
CVE-2019-10988,Philips,0.00044,3.4,0.0,1.0,0.0,1.0,1,2019-09-04,0.0,,1.0,2019-08-29,,"In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported. Thus, any unmitigated vulnerability in the old operating system could be exploited to affect this product.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,LOW,LOW,NONE,LOW,0.8,2.5,"['NVD-CWE-Other', 'CWE-477']","['cpe:2.3:o:philips:hdi_4000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:hdi_4000:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13530,Philips,0.00104,7.2,0.0,1.0,0.0,1.0,1,2019-09-12,0.0,,1.0,2019-09-12,,"Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). An attacker can use these credentials to login via ftp and upload a malicious firmware.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,"['CWE-798', 'CWE-259']","['cpe:2.3:o:philips:intellivue_mp_monitors_mp20-mp90_firmware:a.03.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m80010a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8001a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8002a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8003a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8004a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8005a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8007a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8008a:a:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mp5\\/5sc_firmware:a.03.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8105a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8105as:a:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mp2\\/x2_firmware:a01.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m3002a:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8102a:b:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mx800\\/700\\/600_firmware:a.01.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865240:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865241:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865242:b:*:*:*:*:*:*:*']",0,0
CVE-2019-13534,Philips,0.00104,7.2,0.0,1.0,0.0,1.0,1,2019-09-12,0.0,,1.0,2019-09-12,,"Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-494'],"['cpe:2.3:o:philips:intellivue_mp_monitors_mp20-mp90_firmware:a.03.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m80010a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8001a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8002a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8003a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8004a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8005a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8007a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8008a:a:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mp5\\/5sc_firmware:a.03.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8105a:a:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8105as:a:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mp2\\/x2_firmware:a01.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m3002a:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:m8102a:b:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellivue_mp_monitors_mx800\\/700\\/600_firmware:a.01.09:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865240:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865241:b:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:865242:b:*:*:*:*:*:*:*']",0,0
CVE-2019-13546,Philips,0.00067,6.8,0.0,0.0,1.0,0.0,1,2019-10-25,0.0,,1.0,2019-10-24,,"In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. Due to potential Windows vulnerabilities, it may be possible for additional attack methods to be used to escalate privileges on the operating system.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-668'],['cpe:2.3:a:philips:intellispace_perinatal:*:*:*:*:*:*:*:*'],0,0
CVE-2019-18241,Philips,0.00067,6.5,0.0,1.0,0.0,1.0,1,2019-11-26,0.0,,1.0,2019-12-12,,"In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. This could enable an unauthorized attacker with access to the network to capture and replay the session and gain unauthorized access to the EC40/80 hub.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-326'],"['cpe:2.3:o:philips:intellibridge_ec40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellibridge_ec80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec80:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18263,Philips,0.00056,6.5,0.0,1.0,0.0,1.0,1,2019-12-20,1.0,2019-12-19,,,1.0,"An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). The router software uses an encryption scheme that is not strong enough for the level of protection required.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-326'],"['cpe:2.3:o:philips:veradius_unity_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:veradius_unity:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:pulsera_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:pulsera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:endura_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:endura:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14525,Philips,0.00044,3.5,0.0,0.0,1.0,0.0,1,2020-09-18,1.0,2020-06-30,,,1.0,"Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage that is served to other users.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,2.1,1.4,"['NVD-CWE-Other', 'CWE-83']",['cpe:2.3:a:philips:clinical_collaboration_platform:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16198,Philips,0.00056,6.3,0.0,0.0,1.0,0.0,1,2020-09-18,1.0,2020-06-30,,,1.0,"Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. When an attacker claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,MEDIUM,2.8,3.4,['CWE-693'],['cpe:2.3:a:philips:clinical_collaboration_platform:*:*:*:*:*:*:*:*'],0,0
CVE-2020-16237,Philips,0.00044,2.1,0.0,1.0,0.0,1.0,1,2020-08-21,0.0,,1.0,2020-08-20,,"Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,PHYSICAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,LOW,0.7,1.4,['CWE-20'],"['cpe:2.3:o:philips:suresigns_vs4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:suresigns_vs4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-16239,Philips,0.00065,4.9,0.0,1.0,0.0,1.0,1,2020-08-21,0.0,,1.0,2020-08-20,,"Philips SureSigns VS4, A.07.107 and prior. When an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-287'],"['cpe:2.3:o:philips:suresigns_vs4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:suresigns_vs4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-16241,Philips,0.00044,2.1,0.0,1.0,0.0,1.0,1,2020-08-21,0.0,,1.0,2020-08-20,,"Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.",CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,PHYSICAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,LOW,0.7,1.4,"['CWE-863', 'CWE-284']","['cpe:2.3:o:philips:suresigns_vs4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:suresigns_vs4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-16247,Philips,0.00044,7.1,0.0,0.0,1.0,0.0,1,2020-09-18,1.0,2020-06-30,,,1.0,"Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,1.8,5.2,"['CWE-668', 'CWE-16']",['cpe:2.3:a:philips:clinical_collaboration_platform:*:*:*:*:*:*:*:*'],0,0
CVE-2021-39376,Philips,0.00086,8.8,0.0,0.0,1.0,0.0,1,2021-08-24,1.0,2021-11-04,,,0.0,Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-89'],['cpe:2.3:a:philips:tasy_electronic_medical_record:3.06:*:*:*:*:*:*:*'],0,0
CVE-2018-19001,Philips,0.00052,4.3,0.0,0.0,1.0,0.0,0,2018-12-07,0.0,,1.0,2018-11-06,,"Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is not strong enough for the level of protection required.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,MEDIUM,0.9,3.4,['CWE-326'],['cpe:2.3:a:philips:healthsuite_health:*:*:*:*:*:android:*:*'],0,0
CVE-2018-5454,Philips,0.0084,8.1,0.0,0.0,1.0,0.0,0,2018-03-26,0.0,,1.0,2018-02-27,,"Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,"['NVD-CWE-noinfo', 'CWE-489']","['cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:intellispace_portal:9.0:*:*:*:*:*:*:*']",0,0
CVE-2018-5462,Philips,0.00148,7.5,0.0,0.0,1.0,0.0,0,2018-03-26,0.0,,1.0,2018-02-27,,"Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-295', 'CWE-310']","['cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:intellispace_portal:9.0:*:*:*:*:*:*:*']",0,0
CVE-2018-5466,Philips,0.00148,7.5,0.0,0.0,1.0,0.0,0,2018-03-26,0.0,,1.0,2018-02-27,,"Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-295', 'CWE-310']","['cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:intellispace_portal:9.0:*:*:*:*:*:*:*']",0,0
CVE-2019-10968,Philips,0.00044,4.4,0.0,0.0,1.0,0.0,0,2019-07-24,0.0,,1.0,2019-07-11,,"Philips Holter 2010 Plus, all versions. A vulnerability has been identified that may allow system options that were not purchased to be enabled.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.8,3.6,"['NVD-CWE-Other', 'CWE-477']",['cpe:2.3:a:philips:zymed_holter_2010:*:*:*:*:plus:*:*:*'],0,0
CVE-2019-18980,Philips,0.0019,7.5,0.0,1.0,0.0,1.0,0,2019-11-14,0.0,,0.0,,,"On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Anyone can turn the bulb on or off, or change its color or brightness remotely. There is no authentication or encryption to use the control API. The only requirement is that the attacker have network access to the bulb.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:philips:taolight_smart_wi-fi_wiz_connected_led_bulb_9290022656_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:taolight_smart_wi-fi_wiz_connected_led_bulb_9290022656:-:*:*:*:*:*:*:*']",0,0
CVE-2020-11617,Philips,0.0007,5.9,0.0,1.0,0.0,1.0,0,2020-08-31,0.0,,0.0,,,"The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.2,3.6,['CWE-295'],"['cpe:2.3:h:thomsonstb:tht741fta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:thomsonstb:tht741fta_firmware:2.2.1:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:dtr3502bfta_dvb-t2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:dtr3502bfta_dvb-t2_firmware:2.2.1:*:*:*:*:*:*:*']",0,0
CVE-2020-11618,Philips,0.00051,7.8,0.0,1.0,0.0,1.0,0,2020-08-31,0.0,,0.0,,,"THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:thomsonstb:tht741fta_firmware:2.2.1:*:*:*:*:*:*:*', 'cpe:2.3:h:thomsonstb:tht741fta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:dtr3502bfta_dvb-t2_firmware:2.2.1:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:dtr3502bfta_dvb-t2:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12023,Philips,0.00044,4.5,0.0,0.0,1.0,0.0,0,2020-06-11,0.0,,1.0,2020-06-11,,"Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). Unencrypted user credentials received in the IntelliBridge Enterprise (IBE) are logged within the transaction logs, which are secured behind the login based administrative web portal. The unencrypted user credentials sent from the affected products listed above, for the purpose of handshake or authentication with the Enterprise Systems, are logged as the payload in IntelliBridge Enterprise (IBE) within the transaction logs. An attacker with administrative privileges could exploit this vulnerability to read plain text credentials from log files.",CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,['CWE-532'],['cpe:2.3:a:philips:intellibridge_enterprise:*:*:*:*:*:*:*:*'],0,0
CVE-2020-14477,Philips,0.00044,4.4,0.0,1.0,0.0,1.0,0,2020-06-26,1.0,2020-04-30,,,1.0,"In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,1.8,2.5,"['CWE-287', 'CWE-288']","['cpe:2.3:h:philips:clearvue_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:clearvue_850_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:clearvue_350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:clearvue_350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:cx50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:cx50_firmware:5.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:affiniti_70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:affiniti_70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:affiniti_50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:affiniti_50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:epiq_7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:epiq_7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:sparq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:sparq_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:xperius:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:xperius_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-16212,Philips,0.00074,6.8,0.0,0.0,1.0,0.0,0,2020-09-11,0.0,,1.0,2021-11-18,,"In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vulnerable to local breakouts that could allow an attacker with physical access to escape the restricted environment with limited privileges.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-668'],"['cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*']",0,0
CVE-2020-16222,Philips,0.00073,8.8,0.0,0.0,1.0,0.0,0,2020-09-11,0.0,,1.0,2021-11-18,,"In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and 
PerformanceBridge Focal Point Version A.01, when an actor claims to have
 a given identity, the software does not prove or insufficiently proves 
the claim is correct.

",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-287'],"['cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:*']",0,0
CVE-2020-16224,Philips,0.00063,6.5,0.0,0.0,1.0,0.0,0,2020-09-11,0.0,,1.0,2021-11-18,,"In Patient Information Center iX (PICiX) Versions C.02, C.03, the 
software parses a formatted message or structure but does not handle or 
incorrectly handles a length field that is inconsistent with the actual 
length of the associated data, causing the application on the 
surveillance station to restart.



",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-130'],"['cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*']",0,0
CVE-2020-27298,Philips,0.00056,6.5,0.0,0.0,1.0,0.0,0,2021-01-26,1.0,2021-01-19,,,1.0,"Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-78'],"['cpe:2.3:a:philips:coronary_tools:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:dynamic_coronary_roadmap:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interventional_workspot:1.3.2:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interventional_workspot:1.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interventional_workspot:1.4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interventional_workspot:1.4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interventional_workspot:1.4.5:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:stentboost_live:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:viewforum:6.3v1l10:*:*:*:*:*:*:*']",0,0
CVE-2020-7360,Philips,0.00051,7.3,0.0,0.0,1.0,0.0,0,2020-08-13,1.0,2020-04-30,0.0,,1.0,"An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)",CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-427'],['cpe:2.3:a:philips:smartcontrol:*:*:*:*:*:*:*:*'],0,0
CVE-2021-26248,Philips,0.00044,5.5,0.0,1.0,0.0,1.0,0,2021-11-19,0.0,,1.0,2021-11-24,,Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-708'],"['cpe:2.3:h:philips:mri_3t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:mri_3t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:mri_1.5t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:mri_1.5t_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-26262,Philips,0.00044,5.5,0.0,1.0,0.0,1.0,0,2021-11-19,0.0,,1.0,2021-11-24,,Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['NVD-CWE-Other', 'CWE-284']","['cpe:2.3:o:philips:mri_3t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:mri_3t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:mri_1.5t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:mri_1.5t:-:*:*:*:*:*:*:*']",0,0
CVE-2021-32966,Philips,0.00144,7.5,0.0,0.0,1.0,0.0,0,2022-05-25,0.0,,1.0,2021-06-24,,"Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP system credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-319'],"['cpe:2.3:a:philips:interoperability_solution_xds:*:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:interoperability_solution_xds:*:*:*:*:*:*:*:*']",0,0
CVE-2021-32993,Philips,0.00058,8.8,0.0,1.0,0.0,1.0,0,2021-12-27,0.0,,1.0,2021-11-18,,"IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-798'],"['cpe:2.3:o:philips:intellibridge_ec40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellibridge_ec80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec80:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33017,Philips,0.00067,8.8,0.0,1.0,0.0,1.0,0,2021-12-27,0.0,,1.0,2021-11-18,,"The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-288'],"['cpe:2.3:o:philips:intellibridge_ec40_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:intellibridge_ec80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:intellibridge_ec80:-:*:*:*:*:*:*:*']",0,0
CVE-2021-42744,Philips,0.00044,5.5,0.0,1.0,0.0,1.0,0,2021-11-19,0.0,,1.0,2021-11-24,,Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['NVD-CWE-noinfo', 'CWE-200']","['cpe:2.3:o:philips:mri_1.5t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:mri_1.5t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:mri_3t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:mri_3t:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43548,Philips,0.00056,6.5,0.0,0.0,1.0,0.0,0,2021-12-27,1.0,2021-09-30,,,1.0,"Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*']",0,0
CVE-2021-43550,Philips,0.00067,6.5,0.0,0.0,1.0,0.0,0,2021-12-27,1.0,2021-09-30,,,1.0,"The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-327'],"['cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*', 'cpe:2.3:h:philips:efficia_cm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:efficia_cm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:efficia_cm_firmware:4.0:*:*:*:*:*:*:*']",0,0
CVE-2021-43552,Philips,0.00044,5.5,0.0,0.0,1.0,0.0,0,2021-12-27,1.0,2021-09-30,,,1.0,"The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-321'],"['cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*', 'cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*']",0,0
CVE-2022-0922,Philips,0.00048,6.5,0.0,1.0,0.0,1.0,0,2022-04-01,0.0,,1.0,2022-06-07,,The software does not perform any authentication for critical system functionality.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-306'],"['cpe:2.3:h:philips:e-alert:-:*:*:*:*:*:*:*', 'cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-14147,Fiberhome,0.8073,9.8,1.0,1.0,0.0,1.0,1,2017-09-07,0.0,,0.0,,,"An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper authentication on this page, the software accepts the request hence allowing attacker to reset the router to its default configurations which later could allow attacker to login to router by using default username/password.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:fiberhome:adsl_an1020-25_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:adsl_an1020-25:-:*:*:*:*:*:*:*']",1,0
CVE-2017-16885,Fiberhome,0.01822,9.8,1.0,1.0,0.0,1.0,1,2018-01-12,0.0,,0.0,,,"Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version of device, Firmware ID, Connected users to device along their MAC Addresses, etc.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-732'],"['cpe:2.3:o:fiberhome:lm53q1_firmware:vh519r05c01s38:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:lm53q1:-:*:*:*:*:*:*:*']",1,0
CVE-2017-16886,Fiberhome,0.0025,8.8,1.0,1.0,0.0,1.0,1,2018-01-12,0.0,,0.0,,,The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:fiberhome:lm53q1_firmware:vh519r05c01s38:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:lm53q1:-:*:*:*:*:*:*:*']",1,0
CVE-2017-16887,Fiberhome,0.00647,9.8,1.0,1.0,0.0,1.0,1,2018-01-12,0.0,,0.0,,,The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-275'],"['cpe:2.3:o:fiberhome:lm53q1_firmware:vh519r05c01s38:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:lm53q1:-:*:*:*:*:*:*:*']",1,0
CVE-2017-5544,Fiberhome,0.00114,5.9,0.0,1.0,0.0,1.0,1,2017-01-23,0.0,,0.0,,,"An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout (each of the login attempts will occupy a connection slot for a longer time). Once this occurs, legitimate login attempts via SSH/telnet will be refused, resulting in a denial of service; you must restart the device.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-400'],"['cpe:2.3:h:fiberhome:fengine_28f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:fengine_52f-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:fengine_52t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:fengine_s5800-28t-s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:fengine_s5800-28t-s-pe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:fengine_s5800_firmware:v210r240:*:*:*:*:*:*:*']",0,0
CVE-2018-9248,Fiberhome,0.06072,9.8,1.0,1.0,0.0,1.0,1,2018-04-04,0.0,,0.0,,,"FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a ""Cookie: Name=0admin"" header.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:fiberhome:vdsl2_modem_hg_150-ub_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:vdsl2_modem_hg_150-ub:-:*:*:*:*:*:*:*']",1,0
CVE-2018-9249,Fiberhome,0.00369,9.8,0.0,1.0,0.0,1.0,1,2018-04-04,0.0,,0.0,,,FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:fiberhome:vdsl2_modem_hg_150-ub_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:vdsl2_modem_hg_150-ub:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17187,Fiberhome,0.01096,7.5,0.0,1.0,0.0,0.0,1,2019-10-08,0.0,,0.0,,,/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:fiberhome:hg2201t_firmware:1.00.m5007_js_201804:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg2201t:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27139,Fiberhome,0.00457,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to extract information from the device without authentication by disabling JavaScript and visiting /info.asp.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27140,Fiberhome,0.0064,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find passwords and authentication cookies stored in cleartext in the web.log HTTP logs.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27141,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded *j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g key. (The webs binary has details on how XOR is used.),CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27142,Fiberhome,0.07532,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,"An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27143,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / user1234 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27144,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded f~i!b@e#r$h%o^m*esuperadmin / s(f)u_h+g|u credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27145,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27146,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27147,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27148,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27149,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded adminpldt / z6dUABtl270qRxt7a2uGTiw credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27150,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27151,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27152,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded awnfibre / fibre@dm!n credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27153,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27154,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27155,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 3UJUh2VemEfUtesEchEC2d2e credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27156,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27157,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27158,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27159,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded useradmin / 888888 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27160,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / 888888 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27161,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27162,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27163,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27164,Fiberhome,0.81177,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27165,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27166,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27167,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init_3bb_password in libci_adaptation_layer.so.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27168,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. There is a 6GFJdY4aAuUKJjdtSn7d password for the rdsadmin account.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27169,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:an5506-04-fa_firmware:rp2631:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-04-fa:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27170,Fiberhome,0.00898,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,"An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-922'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27171,Fiberhome,0.00898,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27172,Fiberhome,0.82404,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27173,Fiberhome,0.00114,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,"An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculated(BR0_MAC) backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server (used for the CLI).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27174,Fiberhome,0.0064,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleartext passwords and 0644 permissions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27175,Fiberhome,0.0064,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext passwords and 0644 permissions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27176,Fiberhome,0.0064,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext passwords and 0644 permissions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27177,Fiberhome,0.00898,9.8,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-863'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27178,Fiberhome,0.0064,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27179,Fiberhome,0.00127,7.5,0.0,1.0,0.0,1.0,1,2021-02-10,0.0,,0.0,,,An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:fiberhome:hg6245d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg6245d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41946,Fiberhome,0.00065,5.4,0.0,1.0,0.0,1.0,1,2022-05-18,0.0,,0.0,,,"In FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vulnerability in Parental Control --> Access Time Restriction --> Username field, a user cannot delete the rule due to the XSS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:fiberhome:hg150-ub:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:hg150-ub_firmware:3.0:*:*:*:*:*:*:*']",0,0
CVE-2021-42912,Fiberhome,0.0086,8.8,0.0,1.0,0.0,1.0,1,2021-12-16,0.0,,0.0,,,"FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:fiberhome:an5506-01-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-01-a_firmware:rp0509:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-01-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-01-b_firmware:rp2610:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-02-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2520:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2521:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2603:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-04-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-04-b_firmware:rp2510:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-04-f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:an5506-04-f_firmware:rp2617:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-04-g2g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fiberhome:aan5506-04-g2g_firmware:rp2560:*:*:*:*:*:*:*']",0,0
CVE-2022-38814,Fiberhome,0.00054,5.4,0.0,1.0,0.0,1.0,1,2022-09-15,0.0,,0.0,,,A stored cross-site scripting (XSS) vulnerability in the auth_settings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg_loid text field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2521:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:an5506-02-b:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17186,Fiberhome,0.00609,8.8,0.0,1.0,0.0,1.0,0,2019-10-08,0.0,,0.0,,,/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:o:fiberhome:hg2201t_firmware:hg2201t_1.00.m5007_js_201804:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg2201t:-:*:*:*:*:*:*:*']",0,0
CVE-2022-36200,Fiberhome,0.00496,7.5,0.0,1.0,0.0,1.0,0,2022-08-29,0.0,,0.0,,,"In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-319'],"['cpe:2.3:o:fiberhome:hg150-ub_firmware:3.0:*:*:*:*:*:*:*', 'cpe:2.3:h:fiberhome:hg150-ub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14219,Intelbras,0.00116,6.1,1.0,1.0,0.0,1.0,1,2017-09-07,0.0,,0.0,,,"XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted ESSID, as demonstrated by an ""airbase-ng -e"" command.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:intelbras:wrn_240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_240:-:*:*:*:*:*:*:*']",1,0
CVE-2017-14942,Intelbras,0.07421,9.8,0.0,1.0,0.0,1.0,1,2017-09-30,0.0,,0.0,,,"Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-552'],"['cpe:2.3:o:intelbras:wrn_150_firmware:1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10369,Intelbras,0.00222,9.8,0.0,1.0,0.0,1.0,1,2018-08-15,0.0,,0.0,,,A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-79'],"['cpe:2.3:o:intelbras:win_240_firmware:1.1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:win_240:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11094,Intelbras,0.07498,9.8,1.0,1.0,0.0,1.0,1,2018-05-15,0.0,,1.0,2018-05-14,,"An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:intelbras:ncloud_300_firmware:1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:ncloud_300:-:*:*:*:*:*:*:*']",1,0
CVE-2018-12455,Intelbras,0.00387,8.1,0.0,1.0,0.0,1.0,1,2018-10-10,0.0,,1.0,2018-08-22,,"Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using ""admin:"" as the name of a cookie.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-287'],"['cpe:2.3:h:intelbras:nplug:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:nplug_firmware:1.0.0.14:*:*:*:*:*:*:*']",0,0
CVE-2018-12456,Intelbras,0.00077,8.8,0.0,1.0,0.0,1.0,1,2018-10-10,0.0,,1.0,2018-08-22,,"Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:nplug_firmware:1.0.0.14:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:nplug:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17337,Intelbras,0.00123,6.1,0.0,1.0,0.0,1.0,1,2018-10-10,0.0,,1.0,2018-08-22,,Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:intelbras:nplug_firmware:1.0.0.14:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:nplug:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9010,Intelbras,0.00909,7.2,1.0,1.0,0.0,1.0,1,2018-03-25,0.0,,0.0,,,"Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-22'],"['cpe:2.3:h:intelbras:tip200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200_firmware:60.0.75.29:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip200lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200lite_firmware:60.0.75.29:*:*:*:*:*:*:*']",1,0
CVE-2019-11414,Intelbras,0.00249,8.8,0.0,1.0,0.0,1.0,1,2019-04-22,0.0,,0.0,,,"An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-640'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.5.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11415,Intelbras,0.03619,7.5,1.0,1.0,0.0,1.0,1,2019-04-22,1.0,2019-04-30,,,0.0,"An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""""} string to v1/system/login.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.5.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",1,0
CVE-2019-11416,Intelbras,0.00966,8.8,1.0,1.0,0.0,1.0,1,2019-04-22,1.0,2019-04-30,,,0.0,"A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.5.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",1,0
CVE-2019-17222,Intelbras,0.00087,6.1,0.0,1.0,0.0,1.0,1,2019-11-07,0.0,,0.0,,,"An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:intelbras:wrn_150_firmware:1.0.17:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17600,Intelbras,0.00826,9.8,0.0,1.0,0.0,1.0,1,2019-10-15,1.0,2019-04-30,,,1.0,Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-352'],"['cpe:2.3:h:intelbras:iwr_1000n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:iwr_1000n_firmware:1.6.4:*:*:*:*:*:*:*']",0,0
CVE-2019-19007,Intelbras,0.00078,7.2,0.0,1.0,0.0,1.0,1,2019-12-05,0.0,,0.0,,,"Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-200'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.8.7:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19142,Intelbras,0.02157,7.5,1.0,1.0,0.0,1.0,1,2020-01-17,0.0,,0.0,,,Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:intelbras:wrn_240_firmware:2.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_240:-:*:*:*:*:*:*:*']",1,0
CVE-2019-19516,Intelbras,0.00093,6.5,1.0,1.0,0.0,1.0,1,2019-12-02,0.0,,0.0,,,Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:intelbras:wrn_150_firmware:1.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*']",1,0
CVE-2019-19517,Intelbras,0.00112,8.8,0.0,1.0,0.0,1.0,1,2020-05-05,0.0,,0.0,,,"Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:action_rf_1200_firmware:1.1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:action_rf_1200:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19995,Intelbras,0.00073,8.8,0.0,1.0,0.0,1.0,1,2019-12-26,0.0,,0.0,,,"A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.8.7:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19996,Intelbras,0.00217,7.5,0.0,1.0,0.0,1.0,1,2019-12-26,0.0,,0.0,,,"An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""""} string to v1/system/login.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.8.7:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20004,Intelbras,0.0022,8.8,0.0,1.0,0.0,1.0,1,2020-01-05,0.0,,0.0,,,"An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-640'],"['cpe:2.3:o:intelbras:iwr_3000n_firmware:1.8.7:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8829,Intelbras,0.00112,8.8,0.0,1.0,0.0,1.0,1,2020-05-05,0.0,,0.0,,,CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:cip_92200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:cip_92200:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12262,Intelbras,0.00083,5.4,0.0,1.0,0.0,1.0,0,2020-11-27,0.0,,0.0,,,"Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:intelbras:tip200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200_firmware:65.61.75.15:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip200lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200lite_firmware:60.61.75.15:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip300_firmware:60.61.75.15:*:*:*:*:*:*:*']",0,0
CVE-2020-13886,Intelbras,0.00259,5.3,0.0,1.0,0.0,1.0,0,2020-11-26,0.0,,0.0,,,"Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-22'],"['cpe:2.3:h:intelbras:tip200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200_firmware:60.61.75.15:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip200lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200lite_firmware:60.61.75.15:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip300_firmware:65.61.75.22:*:*:*:*:*:*:*']",0,0
CVE-2020-24285,Intelbras,0.00293,7.5,0.0,1.0,0.0,1.0,0,2021-04-12,0.0,,0.0,,,INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:intelbras:tip200_firmware:60.61.75.22:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:tip200lite_firmware:60.61.75.22:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:tip200lite:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3017,Intelbras,0.09152,7.5,0.0,1.0,0.0,1.0,0,2021-04-14,0.0,,0.0,,,The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:intelbras:win_300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:win_300_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:wrn_342:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intelbras:wrn_342_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-32402,Intelbras,0.00112,8.8,0.0,1.0,0.0,1.0,0,2021-05-17,0.0,,0.0,,,Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:rf_301k_firmware:1.1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:rf_301k:-:*:*:*:*:*:*:*']",0,0
CVE-2021-32403,Intelbras,0.00173,8.8,1.0,1.0,0.0,1.0,0,2021-05-17,0.0,,0.0,,,Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:intelbras:rf_301k_firmware:1.1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:intelbras:rf_301k:-:*:*:*:*:*:*:*']",1,0
CVE-2017-14443,Insteon,0.0007,6.5,0.0,0.0,0.0,1.0,1,2018-09-17,1.0,2018-04-12,,,1.0,"An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can send an authenticated HTTP request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:insteon:hub_2245-222_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14444,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-119'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14445,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14446,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-787'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14447,Insteon,0.00073,7.7,0.0,1.0,0.0,1.0,1,2018-08-06,1.0,2018-04-12,,,1.0,An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,CHANGED,NONE,HIGH,NONE,HIGH,3.1,4.0,['CWE-119'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14452,Insteon,0.00101,8.8,0.0,1.0,0.0,1.0,1,2018-08-23,1.0,2018-04-12,,,1.0,"An exploitable buffer overflow vulnerability exists in the PubNub message handler for the ""control"" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A strcpy overflows the buffer insteon_pubnub.channel_cc_r, which has a size of 16 bytes. An attacker can send an arbitrarily long ""c_r"" parameter in order to exploit this vulnerability. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14453,Insteon,0.00096,8.8,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-04-12,,,1.0,"On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ad_r, which has a size of 16 bytes. An attacker can send an arbitrarily long ""ad_r"" parameter in order to exploit this vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:insteon:hub_2245-222_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*']",0,0
CVE-2017-14455,Insteon,0.00095,8.8,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-04-12,,,1.0,"On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ak, which has a size of 16 bytes. An attacker can send an arbitrarily long ""ak"" parameter in order to exploit this vulnerability.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:insteon:hub_2245-222_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16252,Insteon,0.00087,6.5,0.0,0.0,0.0,1.0,1,2018-08-06,1.0,2018-04-12,,,1.0,"Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the value for the cmd key is copied using strcpy to the buffer at $sp+0x11c. This buffer is 20 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-787'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16253,Insteon,0.00099,6.5,0.0,1.0,0.0,1.0,1,2019-03-21,1.0,2018-04-12,,,1.0,"An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request At 0x9d014dd8 the value for the id key is copied using strcpy to the buffer at $sp+0x290. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-787'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:2245-222:-:*:*:*:*:*:*']",0,0
CVE-2017-16254,Insteon,0.00099,6.5,0.0,1.0,0.0,1.0,1,2019-03-21,1.0,2018-04-12,,,1.0,"An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at 0x9d014e4c the value for the flg key is copied using strcpy to the buffer at $sp+0x270. This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.8,5.2,['CWE-787'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:2245-222:-:*:*:*:*:*:*']",0,0
CVE-2017-16337,Insteon,0.00101,8.8,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-04-12,,,1.0,"On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At 0x9d01ef24 the value for the s_offset key is copied using strcpy to the buffer at $sp+0x2b0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:insteon:hub_2245-222_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16339,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0. This buffer is 64 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16340,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16341,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16342,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16343,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c284 the value for the s_vol_brt_delta key is copied using strcpy to the buffer at 0xa0000510. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16344,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c2c8 the value for the s_url key is copied using strcpy to the buffer at 0xa0001a0c. This buffer is 16 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between ""0"" and ""3"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16345,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the s_port key is copied using strcpy to the buffer at 0xa00017f4. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between ""0"" and ""3"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16346,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the s_mac key is copied using strcpy to the buffer at 0xa000170c. This buffer is 25 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between ""0"" and ""3"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16347,Insteon,0.00101,9.9,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the s_vol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:insteon:hub_firmware:1012:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11560,Insteon,0.00465,9.8,0.0,1.0,0.0,1.0,1,2018-06-23,0.0,,0.0,,,"The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:insteon:2864-222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:2864-222:*:*:*:*:*:*:*:*']",0,0
CVE-2018-12640,Insteon,0.00465,9.8,0.0,1.0,0.0,1.0,1,2018-06-23,1.0,2018-04-12,,,1.0,"The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:insteon:2864-222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:2864-222:*:*:*:*:*:*:*:*']",0,0
CVE-2018-3832,Insteon,0.00103,9.0,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-04-12,,,1.0,"An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger this vulnerability, an attacker can upload an MPFS binary via the '/mpfsupload' HTTP form and later on upload the firmware via a POST request to 'firmware.htm'.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.3,6.0,['CWE-434'],"['cpe:2.3:h:insteon:hub_2245-222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:insteon:hub_2245-222_firmware:1013:*:*:*:*:*:*:*']",0,0
CVE-2018-3834,Insteon,0.00144,7.4,0.0,1.0,0.0,1.0,1,2018-08-02,1.0,2018-04-12,,,1.0,"An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is going to be installed and thus allows for flashing any signed firmware into any MCU. Since the device contains different and incompatible MCUs, flashing one firmware to the wrong MCU will result in a permanent brick condition. To trigger this vulnerability, an attacker needs to impersonate the remote server ""cache.insteon.com"" and serve a signed firmware image.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.2,5.2,['CWE-346'],"['cpe:2.3:o:insteon:hub_firmware:1013:*:*:*:*:*:*:*', 'cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5250,Insteon,0.00222,9.8,0.0,0.0,1.0,0.0,0,2018-02-22,0.0,,0.0,,,"In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-312', 'CWE-922']",['cpe:2.3:a:insteon:insteon_for_hub:*:*:*:*:*:android:*:*'],0,0
CVE-2017-14515,Tenda,0.00253,7.5,0.0,1.0,0.0,1.0,1,2017-09-17,0.0,,0.0,,,Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:tenda:w15e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:w15e:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16923,Tenda,0.00171,8.8,0.0,1.0,0.0,1.0,1,2017-11-21,0.0,,0.0,,,"Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the ""sub_A6E8 usbeject_process_entry"" function executes a system function with untrusted input.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tenda:ac9_firmware:us_ac9v1.0br_v15.03.05.14_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac9_firmware:ac9_kf_v15.03.05.19\\(6318_\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac15_firmware:us_ac15v1.0br_v15.03.05.18_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac15_firmware:us_ac15v1.0br_v15.03.05.19_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac18_firmware:us_ac18v1.0br_v15.03.05.05_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac18_firmware:ac18_kf_v15.03.05.19\\(6318_\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9139,Tenda,0.00044,3.5,0.0,1.0,0.0,1.0,1,2017-05-21,0.0,,0.0,,,"There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.",CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,LOW,LOW,2.1,1.4,['CWE-119'],"['cpe:2.3:o:tendacn:f1200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:f1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:fh1202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:fh1202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:f1202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:f1202:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16213,Tenda,0.01164,8.8,0.0,1.0,0.0,1.0,1,2020-06-25,0.0,,0.0,,,"Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16412,Tenda,0.00114,7.5,0.0,1.0,0.0,1.0,1,2019-09-19,0.0,,0.0,,,"In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:tendacn:n301_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:n301:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19505,Tenda,0.00485,8.8,0.0,1.0,0.0,1.0,1,2020-06-25,0.0,,0.0,,,"Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ""Wireless"" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19506,Tenda,0.0014,7.5,0.0,1.0,0.0,1.0,1,2020-06-25,0.0,,0.0,,,"Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the ""homeplugd"" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-835'],"['cpe:2.3:o:tendacn:pa6_firmware:1.0.1.21:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5071,Tenda,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-21,0.0,,0.0,,,"An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:o:tendacn:ac9v1.0_firmware:15.03.05.14_en:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9v1.0_firmware:15.03.05.16multitru:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac1200_smart_dual-band_gigabit_wifi:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5072,Tenda,0.00042,7.8,0.0,1.0,0.0,1.0,1,2019-11-21,0.0,,0.0,,,"An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:o:tendacn:ac9v1.0_firmware:15.03.05.14_en:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9v1.0_firmware:15.03.05.16multitru:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac1200_smart_dual-band_gigabit_wifi:-:*:*:*:*:*:*:*']",0,0
CVE-2020-15916,Tenda,0.38355,9.8,0.0,1.0,0.0,1.0,1,2020-07-23,0.0,,0.0,,,goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:tenda:ac15_firmware:15.03.05.19:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*']",0,0
CVE-2020-20746,Tenda,0.00354,7.2,0.0,1.0,0.0,1.0,1,2021-09-30,0.0,,0.0,,,A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-787'],"['cpe:2.3:o:tendacn:ac9_firmware:15.03.06.60_en:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*']",0,0
CVE-2020-22079,Tenda,0.01981,9.8,0.0,1.0,0.0,1.0,1,2021-10-29,0.0,,0.0,,,Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.48_multi_tde01:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac9:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9_firmware:15.03.06.42_multi:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*']",0,0
CVE-2020-24987,Tenda,0.05953,9.8,0.0,1.0,0.0,1.0,1,2020-09-04,0.0,,0.0,,,"Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface is set to ""radius"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac18_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac18_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-28093,Tenda,0.00109,7.2,0.0,1.0,0.0,1.0,1,2020-12-28,0.0,,0.0,,,"On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:tendacn:ac1200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac1200_firmware:15.03.06.51:*:*:*:*:*:*:*']",0,0
CVE-2021-31627,Tenda,0.00093,8.8,0.0,1.0,0.0,1.0,1,2021-10-29,0.0,,0.0,,,"Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac9:1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-31755,Tenda,0.97145,9.8,0.0,1.0,0.0,1.0,1,2021-05-07,0.0,,0.0,,,An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac11_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac11:-:*:*:*:*:*:*:*']",0,0
CVE-2021-38772,Tenda,0.00082,7.5,0.0,1.0,0.0,1.0,1,2022-03-23,0.0,,0.0,,,Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:tendacn:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2021-42659,Tenda,0.00051,6.5,0.0,1.0,0.0,1.0,1,2022-05-24,0.0,,0.0,,,"There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-119'],"['cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac9:3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac9_firmware:15.03.06.42_multi:*:*:*:*:*:*:*']",0,0
CVE-2021-44352,Tenda,0.00352,9.8,0.0,1.0,0.0,1.0,1,2021-12-03,0.0,,0.0,,,A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tendacn:ac15_firmware:15.03.05.18_multi:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac15:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45401,Tenda,0.00926,9.8,0.0,1.0,0.0,1.0,1,2022-02-18,0.0,,0.0,,,"A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled ""deviceName"" value is passed directly to the ""doSystemCmd"" function.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:tendacn:ac10u_firmware:15.03.06.49_multi:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac10u:1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-45988,Tenda,0.00091,7.5,0.0,1.0,0.0,1.0,1,2022-02-04,0.0,,0.0,,,Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tendacn:g1_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:g3_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g3:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45991,Tenda,0.00091,7.5,0.0,1.0,0.0,1.0,1,2022-02-04,0.0,,0.0,,,Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tendacn:g1_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:g3_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g3:-:*:*:*:*:*:*:*']",0,0
CVE-2021-45997,Tenda,0.00091,7.5,0.0,1.0,0.0,1.0,1,2022-02-04,0.0,,0.0,,,"Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tendacn:g1_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:g3_firmware:15.11.0.17\\(9502\\)_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:g3:-:*:*:*:*:*:*:*']",0,0
CVE-2021-46265,Tenda,0.00285,9.8,0.0,1.0,0.0,1.0,1,2022-02-15,0.0,,0.0,,,Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac11_firmware:02.03.01.104_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac11:-:*:*:*:*:*:*:*']",0,0
CVE-2021-46321,Tenda,0.00285,9.8,0.0,1.0,0.0,1.0,1,2022-02-15,0.0,,0.0,,,Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac11_firmware:02.03.01.104_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac11:-:*:*:*:*:*:*:*']",0,0
CVE-2021-46393,Tenda,0.00662,9.8,0.0,1.0,0.0,1.0,1,2022-03-04,0.0,,0.0,,,"There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ax3_firmware:16.03.12.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ax3:-:*:*:*:*:*:*:*']",0,0
CVE-2021-46394,Tenda,0.00662,9.8,0.0,1.0,0.0,1.0,1,2022-03-04,0.0,,0.0,,,"There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the http request parameter startIp. Then v13 will be splice to stack by function sscanf without any security check, which causes stack overflow. By POSTing the page /goform/SetPptpServerCfg with proper startIp, the attacker can easily perform remote code execution with carefully crafted overflow data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ax3_firmware:16.03.12.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ax3:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30033,Tenda,0.00082,7.5,0.0,1.0,0.0,1.0,1,2022-05-18,0.0,,0.0,,,Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:o:tenda:tx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:tx9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30425,Tenda,0.02654,8.8,0.0,0.0,0.0,1.0,1,2022-06-02,0.0,,0.0,,,"Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tenda:hg6_firmware:3.3.0-210926:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:hg6:1.0:*:*:*:*:*:*:*']",0,0
CVE-2022-35201,Tenda,0.01097,9.8,0.0,1.0,0.0,1.0,1,2022-08-19,0.0,,0.0,,,Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-36233,Tenda,0.0006,5.5,0.0,1.0,0.0,0.0,1,2022-08-19,0.0,,0.0,,,"Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-787'],"['cpe:2.3:h:tendacn:ac9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac9_firmware:15.03.2.13:*:*:*:*:*:*:*']",0,0
CVE-2022-36570,Tenda,0.00097,7.2,0.0,1.0,0.0,1.0,1,2022-08-31,0.0,,0.0,,,Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac9_firmware:15.03.05.19:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*']",0,0
CVE-2022-36571,Tenda,0.00097,7.2,0.0,1.0,0.0,1.0,1,2022-08-31,0.0,,0.0,,,Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac9_firmware:15.03.05.19:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*']",0,0
CVE-2022-36587,Tenda,0.00278,9.8,0.0,1.0,0.0,1.0,1,2022-09-07,0.0,,0.0,,,"In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tenda:g3_firmware:15.11.0.6\\(7663\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:g3:-:*:*:*:*:*:*:*']",0,0
CVE-2020-35391,Tenda,0.0024,6.5,0.0,1.0,0.0,1.0,0,2021-01-01,0.0,,0.0,,,"Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HTTP request headers must be unusual, but it is not known why these are relevant to the device's HTTP response behavior.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-425'],"['cpe:2.3:o:tenda:f3_firmware:12.01.01.48:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:f3:-:*:*:*:*:*:*:*']",1,0
CVE-2022-24163,Tenda,0.00136,7.5,0.0,1.0,0.0,1.0,0,2022-02-04,0.0,,0.0,,,Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ax3_firmware:16.03.12.10_cn:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ax3:-:*:*:*:*:*:*:*']",0,0
CVE-2022-29591,Tenda,0.00253,9.8,0.0,1.0,0.0,1.0,0,2022-05-10,0.0,,0.0,,,Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tenda:tx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:tx9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2022-29592,Tenda,0.00475,9.8,0.0,1.0,0.0,1.0,0,2022-05-05,0.0,,0.0,,,Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:tenda:tx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:tx9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30023,Tenda,0.00236,8.8,0.0,1.0,0.0,1.0,0,2022-06-16,0.0,,0.0,,,Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:tenda:hg9_firmware:1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:hg9:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30472,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30473,Tenda,0.00117,7.5,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30474,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30475,Tenda,0.00117,7.5,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30476,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30477,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-05-26,0.0,,0.0,,,Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-31446,Tenda,0.0378,9.8,0.0,1.0,0.0,1.0,0,2022-06-14,0.0,,0.0,,,Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:tendacn:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*', 'cpe:2.3:o:tendacn:ac18_firmware:15.03.05.19:*:*:*:*:*:*:*', 'cpe:2.3:h:tendacn:ac18:-:*:*:*:*:*:*:*']",0,0
CVE-2022-32054,Tenda,0.01236,9.8,0.0,0.0,0.0,1.0,0,2022-07-07,0.0,,0.0,,,Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.26:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:1.0:*:*:*:*:*:*:*']",0,0
CVE-2022-37814,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-08-25,0.0,,0.0,,,Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*']",0,0
CVE-2022-38829,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-09-16,0.0,,0.0,,,Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2022-38831,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-09-16,0.0,,0.0,,,Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42078,Tenda,0.00061,6.5,0.0,1.0,0.0,0.0,0,2022-10-12,0.0,,0.0,,,Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42079,Tenda,0.00117,7.5,0.0,1.0,0.0,0.0,0,2022-10-12,0.0,,0.0,,,Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42080,Tenda,0.00117,7.5,0.0,1.0,0.0,0.0,0,2022-10-12,0.0,,0.0,,,Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42081,Tenda,0.00117,7.5,0.0,1.0,0.0,0.0,0,2022-10-12,0.0,,0.0,,,Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23_multi_td01:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42163,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42164,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42165,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42166,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*']",0,0
CVE-2022-42168,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42169,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2022-42170,Tenda,0.00234,9.8,0.0,1.0,0.0,1.0,0,2022-10-17,0.0,,0.0,,,Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:tenda:ac10_firmware:15.03.06.23:*:*:*:*:*:*:*', 'cpe:2.3:h:tenda:ac10:-:*:*:*:*:*:*:*']",0,0
CVE-2017-15361,Haier,0.00376,5.9,0.0,1.0,0.0,0.0,1,2017-10-16,0.0,,0.0,,,"The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:infineon:trusted_platform_firmware:4.31:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:4.32:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:6.40:*:*:*:*:*:*:*', 'cpe:2.3:o:infineon:trusted_platform_firmware:133.32:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:c720_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebase_24:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c730e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_c771t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_11_n7_c731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_13_cb5-311:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_cb3-431:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_14_for_work_cp5-471:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb3-532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_15_cb5-571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebook_r13_cb5-312t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:acer:chromebox_cxi2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebase:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:aopen:chromebox:-:*:commercial:*:*:*:*:*', 'cpe:2.3:h:aopen:chromeboxi:-:*:mini:*:*:*:*:*', 'cpe:2.3:h:asi:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebit_cs10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c201pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c202sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c300sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_c301sa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c100pa:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebook_flip_c302:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn60:-:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:chromebox_cn62:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bobicus:chromebook_11:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:j2_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j4_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:j5_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ctl:n6_chromebook:-:*:*:*:*:education:*:*', 'cpe:2.3:h:ctl:nl61_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_3189:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_11_model_3180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebook_13_3380:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:chromebook_r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edugear:cmt_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:edxis:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epik:chromebook_elb1101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:chromebook_11e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hexa:chromebook_pi:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hisense:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook:-:*:*:*:*:meetings:*:*', 'cpe:2.3:h:hp:chromebook_11-vxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_1100-1199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2000-2099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2100-2199:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_2200-2299:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g4\\/g4_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_11_g5_ee:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_13_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_ak000-099:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebook_14_x000-x999:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_cb1-\\(000-099\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:chromebox_g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:100s_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n20_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n21_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n22_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_flex_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n23_yoga_11_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:n42_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkcentre_chromebox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_11e_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lenovo:thinkpad_13_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cb25s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lg:chromebase_22cv241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:akoya_s2013:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:chromebook_s2015:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mercer:v2_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ncomputing:chromebook_cx100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nexian:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:pcmerge:chromebook_pcm-116t-432b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:poin2:chromebook_14:-:*:*:*:*:*:*:*', 'cpe:2.3:h:positivo:chromebook_ch1190:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:entry_line_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:prowise:proline_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:rgs:education_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_11_xe500c12:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_2_13:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:chromebook_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sector-five:e1_rugged_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:senkatel:c1101_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:toshiba:chromebook_2:-:*:2015:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:true:idc_chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:h:videonet:chromebook_bl10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:viglen:chromebook_360:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xolo:chromebook:-:*:*:*:*:*:*:*', 'cpe:2.3:a:infineon:rsa_library:*:*:*:*:*:*:*:*']",0,0
CVE-2019-15359,Haier,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:haier:a6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier:a6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15370,Haier,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1526527761:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:haier_g8_project:haier_g8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier_g8_project:haier_g8:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15375,Haier,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1522294799:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:haier:g8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:haier:g8_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15389,Haier,0.00159,8.1,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app contains an exported service named com.lovelyfont.manager.FontCoverService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. In addition to the local attack surface, its accompanying app with a package name of com.ekesoo.lovelyhifonts makes network requests using HTTP and an attacker can perform a Man-in-the-Middle (MITM) attack on the connection to inject a command in a network response that will be executed as the system user by the com.lovelyfont.defcontainer app. Executing commands as the system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), and obtains the user's text messages, and more. Executing commands as the system user can allow a third-party app to factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the GUI, change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, and obtains the user's text messages, and more.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:haier_a6_project:haier_a6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier_a6_project:haier_a6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15390,Haier,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Haier G8 Android device with a build fingerprint of Haier/HM-G559-FL/G8:8.1.0/O11019/1522294799:user/release-keys contains a pre-installed app with a package name of com.qiku.service.container app (versionCode=5, versionName=1.03.00_VER_32525983298984) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:haier_g8_project:haier_g8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:haier_g8_project:haier_g8:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15367,Haier,0.00044,5.5,0.0,1.0,0.0,1.0,0,2019-11-14,0.0,,0.0,,,"The Haier P10 Android device with a build fingerprint of Haier/P10/P10:8.1.0/O11019/1532662449:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:haier:p10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:haier:p10_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16522,MitraStar,0.00382,8.8,0.0,1.0,0.0,1.0,1,2017-11-03,0.0,,0.0,,,MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-276'],"['cpe:2.3:o:mitrastar:gpt-2541gnac_firmware:1.00\\(vnj0\\)b1:*:*:*:*:*:*:*', 'cpe:2.3:h:mitrastar:gpt-2541gnac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mitrastar:dsl-100hn-t1_firmware:es_113wjy0b16:*:*:*:*:*:*:*', 'cpe:2.3:h:mitrastar:dsl-100hn-t1:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16523,MitraStar,0.00957,9.8,0.0,1.0,0.0,1.0,1,2017-11-03,0.0,,0.0,,,"MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalent to root and undocumented.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:mitrastar:gpt-2541gnac_firmware:1.00\\(vnj0\\)b1:*:*:*:*:*:*:*', 'cpe:2.3:h:mitrastar:gpt-2541gnac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mitrastar:dsl-100hn-t1_firmware:es_113wjy0b16:*:*:*:*:*:*:*', 'cpe:2.3:h:mitrastar:dsl-100hn-t1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-42165,MitraStar,0.03613,8.8,1.0,1.0,0.0,1.0,0,2022-05-03,0.0,,0.0,,,"MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command ""deviceinfo show file &&/bin/bash"" because of incorrect sanitization of parameter ""path"".",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:mitrastar:gpt-2541gnac-n1_firmware:br_g3.5_100vnz0b33:*:*:*:*:*:*:*', 'cpe:2.3:h:mitrastar:gpt-2541gnac-n1:-:*:*:*:*:*:*:*']",1,0
CVE-2017-16563,Grandstream Networks,0.00079,8.0,0.0,1.0,0.0,1.0,1,2017-11-06,0.0,,0.0,,,"Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-352'],"['cpe:2.3:o:grandstream:ht802_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16564,Grandstream Networks,0.00071,5.4,0.0,1.0,0.0,1.0,1,2017-11-06,0.0,,0.0,,,Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field (P148).,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:grandstream:ht802_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16565,Grandstream Networks,0.00112,8.8,0.0,1.0,0.0,1.0,1,2017-11-06,0.0,,0.0,,,Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:grandstream:ht802_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17563,Grandstream Networks,0.0009,5.3,0.0,1.0,0.0,1.0,1,2019-04-01,1.0,2019-01-03,,,1.0,A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-311'],"['cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1630:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17564,Grandstream Networks,0.00244,9.8,0.0,1.0,0.0,1.0,1,2019-04-01,1.0,2019-01-03,,,1.0,A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1630:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17565,Grandstream Networks,0.0027,9.8,0.0,1.0,0.0,1.0,1,2019-04-01,1.0,2019-01-03,,,1.0,Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.128:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1630:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10655,Grandstream Networks,0.91721,9.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,"Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow (via the phonecookie cookie) to overwrite a data structure and consequently bypass authentication. This can be exploited remotely or via CSRF because the cookie can be placed in an Accept HTTP header in an XMLHttpRequest call to lighttpd.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:grandstream:gac2500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gac2500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gvc3202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gvc3202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxv3275_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxv3275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxv3240_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxv3240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp2200:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10656,Grandstream Networks,0.0022,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:grandstream:gwn7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gwn7000_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-10658,Grandstream Networks,0.0022,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.update_nds_webroot_from_tmp update_nds_webroot_from_tmp API call.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:gwn7610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gwn7610:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10659,Grandstream Networks,0.00209,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:gxv3370_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxv3370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:wp820_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:wp820:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10660,Grandstream Networks,0.00209,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:gxv3611ir_hd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxv3611ir_hd:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10662,Grandstream Networks,0.00209,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10663,Grandstream Networks,0.0011,8.8,0.0,1.0,0.0,1.0,1,2019-03-30,0.0,,0.0,,,Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL injection attacks via the sord parameter in a listCodeblueGroup API call to the /cgi? URI.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-89'],"['cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25217,Grandstream Networks,0.00141,7.2,0.0,1.0,0.0,1.0,1,2021-03-29,1.0,2020-10-30,,,1.0,Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection as root in its administrative web interface.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:o:grandstream:grp2612_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2612p_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2612w_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2613_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2614_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2615_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2616_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2616:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25218,Grandstream Networks,0.00235,9.8,0.0,1.0,0.0,1.0,1,2021-03-29,1.0,2020-10-30,,,1.0,Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication Bypass in its administrative web interface.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:grandstream:grp2612_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2612p_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2612w_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2612w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2613_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2614_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2614:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2615_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:grp2616_firmware:1.0.3.6:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:grp2616:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5722,Grandstream Networks,0.97534,9.8,1.0,1.0,0.0,0.0,1,2020-03-23,1.0,2020-03-20,,,1.0,The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:o:grandstream:ucm6200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6200:-:*:*:*:*:*:*:*']",1,0
CVE-2020-5723,Grandstream Networks,0.00659,9.8,0.0,1.0,0.0,1.0,1,2020-03-30,1.0,2020-03-30,,,1.0,The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-312'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5724,Grandstream Networks,0.00226,7.5,0.0,1.0,0.0,1.0,1,2020-03-30,1.0,2020-03-30,,,1.0,The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-89'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5725,Grandstream Networks,0.00255,5.9,0.0,1.0,0.0,1.0,1,2020-03-30,1.0,2020-03-30,,,1.0,"The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-89'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5726,Grandstream Networks,0.00291,7.5,1.0,1.0,0.0,1.0,1,2020-03-30,1.0,2020-03-30,,,1.0,The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-89'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",1,0
CVE-2020-5738,Grandstream Networks,0.00331,8.8,0.0,1.0,0.0,1.0,1,2020-04-14,0.0,,1.0,2020-04-06,,Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-59'],"['cpe:2.3:o:grandstream:gxp1610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1625_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1628_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1630_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1630:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5739,Grandstream Networks,0.00257,8.8,0.0,1.0,0.0,1.0,1,2020-04-14,0.0,,1.0,2020-04-06,,"Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the ""Additional Settings"" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-94'],"['cpe:2.3:o:grandstream:gxp1610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1625_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1628_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:gxp1630_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:gxp1630:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5757,Grandstream Networks,0.00241,9.8,0.0,1.0,0.0,1.0,1,2020-07-17,1.0,2020-07-09,,,1.0,"Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's ""New"" HTTPS API.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5758,Grandstream Networks,0.00104,8.8,0.0,1.0,0.0,1.0,1,2020-07-17,1.0,2020-07-09,,,1.0,"Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's ""Old"" HTTPS API.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5759,Grandstream Networks,0.00257,9.8,0.0,1.0,0.0,1.0,1,2020-07-17,1.0,2020-07-09,,,1.0,"Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted ""unset"" command.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:grandstream:ucm6202_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6202:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6204_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ucm6208_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ucm6208:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1518,Grandstream Networks,0.00184,8.1,0.0,0.0,1.0,0.0,0,2017-04-21,0.0,,0.0,,,"The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have unspecified other impact by leveraging failure to use an HTTPS session for downloading configuration files from http://fm.grandstream.com/gs/.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-284'],['cpe:2.3:a:grandstream:wave:*:*:*:*:*:android:*:*'],0,0
CVE-2016-1519,Grandstream Networks,0.0011,5.9,0.0,0.0,1.0,0.0,0,2017-04-21,0.0,,0.0,,,"The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.2,3.6,['CWE-295'],['cpe:2.3:a:grandstream:wave:*:*:*:*:*:android:*:*'],0,0
CVE-2016-1520,Grandstream Networks,0.00125,7.8,0.0,0.0,1.0,0.0,0,2017-04-21,0.0,,0.0,,,"The Grandstream Wave app 1.0.1.26 and earlier for Android does not use HTTPS when retrieving update information, which might allow man-in-the-middle attackers to execute arbitrary code via a crafted application.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-254'],['cpe:2.3:a:grandstream:wave:*:*:*:*:*:android:*:*'],0,0
CVE-2020-5760,Grandstream Networks,0.00112,7.8,0.0,1.0,0.0,1.0,0,2020-07-29,1.0,2020-05-14,,,1.0,Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-78'],"['cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht802_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht812_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht814:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht814_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht818:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht818_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht813:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht813_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5761,Grandstream Networks,0.00729,7.5,0.0,1.0,0.0,1.0,0,2020-07-29,1.0,2020-05-14,,,1.0,Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-835'],"['cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht802_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht812_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht814_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht814:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht818_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht818:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht813_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht813:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5762,Grandstream Networks,0.00575,7.5,0.0,1.0,0.0,1.0,0,2020-07-29,1.0,2020-05-14,,,1.0,Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht802_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht812_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht814_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht814:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht818_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht818:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht813_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht813:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5763,Grandstream Networks,0.00504,8.8,0.0,1.0,0.0,1.0,0,2020-07-29,1.0,2020-05-14,,,1.0,Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-326', 'CWE-489']","['cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht802_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht802:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht812_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht814_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht814:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht818_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht818:-:*:*:*:*:*:*:*', 'cpe:2.3:o:grandstream:ht813_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht813:-:*:*:*:*:*:*:*']",0,0
CVE-2021-37748,Grandstream Networks,0.01275,8.8,0.0,1.0,0.0,1.0,0,2021-10-28,0.0,,0.0,,,"Multiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device. There are default weak credentials that can be used to authenticate.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*']",0,0
CVE-2021-37915,Grandstream Networks,0.00264,8.8,0.0,1.0,0.0,1.0,0,2021-10-28,0.0,,0.0,,,"An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined host.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:grandstream:ht801_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:grandstream:ht801:-:*:*:*:*:*:*:*']",0,0
CVE-2017-16725,Xiongmai Tech,0.00396,9.8,0.0,1.0,0.0,1.0,1,2017-12-20,0.0,,0.0,,,"A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:xiongmaitech:ahb7008f8-h_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f8-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008f4-h_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f4-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008f2-h_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f2-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-mh-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-mh-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-h-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-h-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-lm-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-lm-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-lm-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-lm-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t4-mh-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t4-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-mh-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t4-h-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t4-h-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-h-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-h-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t4-h-v2:_firmware:4.02.r11.7601:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t4-h-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-h-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-h-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f8-lm-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f8-lm-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f4-lm-v2_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f4-lm-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-ms-v3_firmware:4.02.r11.nat.onvifc.20170327:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-ms-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-ms-v3_firmware:4.02.r11.nat.onvifc.20170327:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-ms-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-lm-v3_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-lm-v3_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-lm-v3_firmware:4.02.r11.3070:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t4-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t4-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-mh-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-mh-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-mh-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-gl-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-gl-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-gl-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-gl-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-g-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-g-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016f8-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016f8-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016f8-gl-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016f8-gl-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016f4-gl-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016f4-gl-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016f2-gl-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016f2-gl-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-lm-v3_firmware:4.02.r11.nat.onvifc.20171120:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-lm-v3_firmware:4.02.r11.nat.onvifc.20171120:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-lms-v3_firmware:4.02.r11.nat.onvifc.20171019:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-lms-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008f8-g-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f8-g-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008f4-g-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f4-g-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008f2-g-v4_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008f2-g-v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f4-lm-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f4-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f2-lm-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f2-lm-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f8-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f8-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f4-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f4-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7032f2-gs-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7032f2-gs-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7016t-lme-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7016t-lme-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-lme-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7008t-lme-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7004t-lme-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7004t-lme-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-mh-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-mh-v3_firmware:4.02.r11.7601:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pl-ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pl-ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pl-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-52h10pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-52h10pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-52h10pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-52h10pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pet-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pet-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pls-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pls-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pes-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pes-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pes-sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pes-sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pl-ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pl-ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pl-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13p-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13p-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13p-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13p-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13p-ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13p-ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13p-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13p-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h40pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h40pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h40pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h40pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h50p-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h50p-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h50p-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h50p-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h10pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h10pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pe-sl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pe-sl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50hv10pt-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50hv10pt-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50v10pl-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50v10pl-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50h10pe-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50h10pe-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-54h13pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-54h13pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-54h20pl-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-54h20pl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pl-r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pl-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-54h20pl-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-54h20pl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50h10pe-o\\(r\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50h10pe-o\\(r\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pl-r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pl-r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pe-wp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pe-wp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv10pt-wp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv10pt-wp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53hv13pa-wp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53hv13pa-wp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pe-wp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pe-wp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h20pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h20pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h20pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h20pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h20pl-ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h20pl-ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h20pl-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h20pl-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20pet-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20pet-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20pet-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20pet-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20pes-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20pes-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pe-wk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pe-wk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pe-wk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pe-wk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50h10pe-wrm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50h10pe-wrm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-53h13pe-wrm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-53h13pe-wrm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h40af_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h40af:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50v10pl-wrc_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h40af:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50h10pe-wrc_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50h10pe-wrc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50x10pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50x10pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50x10pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50x10pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53x13pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53x13pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53x13pa-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53x13pa-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53x13pe-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53x13pe-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-53h13pe-wrc_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-53h13pe-wrc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-53hv13pe-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-53hv13pe-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-53v13pl-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-53v13pl-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-53h13pe-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-53h13pe-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h10pe-wk-2f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h10pe-wk-2f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h20pl-p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h20pl-p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h20pl-b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h20pl-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53hv13pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53hv13pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53hv13pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53hv13pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53hv13pa-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53hv13pa-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53hv13pa-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53hv13pa-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipm-50hv20pe-wr_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipm-50hv20pe-wr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv10pt-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv10pt-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv10pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv10pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv10pv-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv10pv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv10pv-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv10pv-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-80h20pt-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-80h20pt-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-80h20pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-80h20pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50h20pt-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50h20pt-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h20py-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h20py-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-53h13pe-wk-4f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-53h13pe-wk-4f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h20pa-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h20pa-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-83h20pa-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-83h20pa-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20psa-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20psa-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20psb-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20psb-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-50hv20psb-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-50hv20psb-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ivg-hp203y-ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ivg-hp203y-ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ivg-hp203y-se_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ivg-hp203y-se:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-hp500nr-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-hp500nr-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ipg-80he20ps-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ipg-80he20ps-s:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7577,Xiongmai Tech,0.005,9.8,0.0,0.0,1.0,0.0,1,2017-04-07,0.0,,0.0,,,"XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a ""GET ../"" HTTP request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],['cpe:2.3:a:xiongmaitech:uc-httpd:-:*:*:*:*:*:*:*'],0,0
CVE-2018-17915,Xiongmai Tech,0.00213,9.8,0.0,0.0,1.0,0.0,1,2018-10-10,0.0,,1.0,2018-10-09,,"All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-311'],['cpe:2.3:a:xiongmaitech:xmeye_p2p_cloud_server:-:*:*:*:*:*:*:*'],0,0
CVE-2018-17917,Xiongmai Tech,0.00081,5.3,0.0,0.0,1.0,0.0,1,2018-10-10,0.0,,1.0,2018-10-09,,"All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['CWE-200', 'CWE-341']",['cpe:2.3:a:xiongmaitech:xmeye_p2p_cloud_server:*:*:*:*:*:*:*:*'],0,0
CVE-2018-17919,Xiongmai Tech,0.00081,6.5,0.0,0.0,1.0,0.0,1,2018-10-10,0.0,,1.0,2018-10-09,,"All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account ""default"" with its default password to login to XMeye and access/view video streams.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,3.9,2.5,"['CWE-798', 'CWE-912']",['cpe:2.3:a:xiongmaitech:xmeye_p2p_cloud_server:*:*:*:*:*:*:*:*'],0,0
CVE-2019-11878,Xiongmai Tech,0.00065,6.5,0.0,1.0,0.0,1.0,1,2019-05-10,0.0,,0.0,,,"An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. An attacker on the same local network as the camera can craft a message with a size field larger than 0x80000000 and send it to the camera, related to an integer overflow or use of a negative number. This then crashes the camera for about 120 seconds.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-190'],"['cpe:2.3:o:xiongmaitech:besder_ip20h1_firmware:4.02.r12.00035520.12012.047500.00200:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:besder_ip20h1:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10088,Xiongmai Tech,0.02201,9.8,1.0,0.0,1.0,0.0,0,2018-06-08,0.0,,0.0,,,"Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],['cpe:2.3:a:xiongmaitech:uc-httpd:1.0.0:*:*:*:*:*:*:*'],1,0
CVE-2020-22253,Xiongmai Tech,0.00201,9.8,0.0,1.0,0.0,1.0,0,2022-04-06,1.0,2020-02-20,,,1.0,"Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:xiongmaitech:ahb7008t-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-mh-v2_firmware:4.02.r11.7601.nat.onvifc.20170420:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-els:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-els_firmware:4.02.r11.nat.onvifc.20160422:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.7601.nat.onvifc.20170424:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-ms-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-ms-v2_firmware:4.02.r11.nat.onvifc.20170327:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-ms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-ms_firmware:4.02.r11.nat.onvifc.20170328:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808t-ms-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808t-ms-v2_firmware:4.02.r11.nat.onvifc.20161205:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-lms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-lms_firmware:4.02.r11.nat.onvifc.20170301:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:hi3518e_50h10l_s39:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:hi3518e_50h10l_s39_firmware:4.02.r12.nat.onvifs.20170727_all:*:*:*:*:*:*:*']",0,0
CVE-2021-38827,Xiongmai Tech,0.00081,7.5,0.0,1.0,0.0,1.0,0,2022-11-14,0.0,,0.0,,,Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-294'],"['cpe:2.3:h:xiongmaitech:xm-jpr2-lx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:xm-jpr2-lx_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-38828,Xiongmai Tech,0.00079,5.3,0.0,1.0,0.0,1.0,0,2022-11-14,0.0,,0.0,,,Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing.,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.6,3.6,['CWE-319'],"['cpe:2.3:o:xiongmaitech:xm-jpr2-lx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:xm-jpr2-lx:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41506,Xiongmai Tech,0.00351,9.8,0.0,1.0,0.0,1.0,0,2022-06-30,1.0,2020-02-20,,,1.0,"Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, HI3518_50H10L_S39 V4.02.R11.7601.Nat.Onvif.20170420, V4.02.R11.Nat.Onvif.20160422, V4.02.R11.7601.Nat.Onvif.20170424, V4.02.R11.Nat.Onvif.20170327, V4.02.R11.Nat.Onvif.20161205, V4.02.R11.Nat.20170301, V4.02.R12.Nat.OnvifS.20170727 is affected by a backdoor in the macGuarder and dvrHelper binaries of DVR/NVR/IP camera firmware due to static root account credentials in the system.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:xiongmaitech:ahb7008t-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7008t-mh-v2_firmware:4.02.r11.7601.nat.onvif.20170420:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-els:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-els_firmware:4.02.r11.nat.onvif.20160422:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.7601.nat.onvif.20170424:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-ms-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-ms-v2_firmware:4.02.r11.nat.onvif.20170327:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808r-ms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808r-ms_firmware:4.02.r11.nat.onvif.20160328:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7808t-ms-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7808t-ms-v2_firmware:4.02.r11.nat.onvifc.20161205:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb7804r-lms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb7804r-lms_firmware:4.02.r11.nat.20170301:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:hi3518e_50h10l_s39:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:hi3518e_50h10l_s39_firmware:4.02.r12.nat.onvifs.20170727:*:*:*:*:*:*:*']",0,0
CVE-2022-26259,Xiongmai Tech,0.00048,7.8,0.0,1.0,0.0,1.0,0,2022-03-28,1.0,2022-02-22,,,1.0,"A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:o:xiongmaitech:nbd80x16s-kl_firmware:4.03.r11.nat.dss.onvifc.20210727:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:nbd80x16s-kl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:nbd80x09s-kl_firmware:4.03.r11.nat.dss.onvifc.20210727:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:nbd80x09s-kl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:nbd80x08s-kl_firmware:4.03.r11.nat.dss.onvifc.20210727:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:nbd80x08s-kl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:nbd80x09ra-kl_firmware:4.03.r11.nat.dss.onvifc.20210727:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:nbd80x09ra-kl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb80x04r-mh_firmware:4.03.r11.nat.dss.onvifc.20210729:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb80x04r-mh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb80x04r-mh-v2_firmware:4.03.r11.nat.dss.onvifc.20210729:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb80x04r-mh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb80x04-r-mh-v3_firmware:4.03.r11.nat.dss.onvifc.20210729:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb80x04-r-mh-v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb80n16t-gs_firmware:4.03.r11.7601.nat.onvifc.20211223:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb80n16t-gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:ahb80n32f4-lme_firmware:4.03.r11.7601.nat.onvifc.20211228:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:ahb80n32f4-lme:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xiongmaitech:nbd90s0vt-qw_firmware:4.03.r11.713g.nat.onvifc.2021:*:*:*:*:*:*:*', 'cpe:2.3:h:xiongmaitech:nbd90s0vt-qw:-:*:*:*:*:*:*:*']",0,0
CVE-2017-17560,Western Digital,0.97244,9.8,1.0,1.0,0.0,1.0,1,2017-12-12,0.0,,0.0,,,"An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:2.30.172:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",1,1
CVE-2018-1151,Western Digital,0.01091,9.8,0.0,1.0,0.0,1.0,1,2018-06-12,0.0,,0.0,,,The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:westerndigital:tv_live_hub_firmware:3.12.13:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:tv_live_hub:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:tv_media_player_firmware:1.03.07:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:tv_media_player:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9148,Western Digital,0.01834,9.8,0.0,1.0,0.0,1.0,1,2018-03-30,0.0,,0.0,,,"Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_firmware:04.05.00-320:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16399,Western Digital,0.11214,9.8,1.0,1.0,0.0,1.0,1,2019-09-18,0.0,,0.0,,,"Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:westerndigital:wd_my_book_firmware:*:*:world_ii:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_my_book:-:*:world_ii:*:*:*:*:*']",1,0
CVE-2019-9949,Western Digital,0.01796,8.8,0.0,1.0,0.0,1.0,1,2019-05-23,1.0,2019-05-21,,,1.0,"Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the ""cgi_untar"" command. Other commands might also be susceptible. Code can be executed because the ""name"" parameter passed to the cgi_unzip command is not sanitized.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-59'],"['cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_mirror_gen2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12427,Western Digital,0.00071,8.8,0.0,0.0,1.0,0.0,1,2020-05-13,1.0,2020-04-27,,,1.0,"The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:my_cloud_home:*:*']",0,0
CVE-2020-29563,Western Digital,0.00317,9.8,0.0,1.0,0.0,1.0,1,2020-12-12,1.0,2020-12-09,,,1.0,An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3310,Western Digital,0.00045,7.8,0.0,1.0,0.0,1.0,1,2021-03-10,1.0,2021-02-22,,,1.0,Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files).,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-59'],"['cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*']",0,0
CVE-2021-35941,Western Digital,0.00134,7.5,0.0,1.0,0.0,1.0,1,2021-06-29,0.0,,1.0,2021-07-06,,"Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:h:westerndigital:wd_my_book_live:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:wd_my_book_live_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_my_book_live_duo:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:wd_my_book_live_duo_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-22989,Western Digital,0.00308,9.8,0.0,1.0,0.0,1.0,1,2022-01-13,1.0,2022-01-10,,,1.0,"My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues.

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22990,Western Digital,0.07732,8.8,0.0,1.0,0.0,1.0,1,2022-01-13,1.0,2022-01-10,,,1.0,A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-697', 'CWE-287']","['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22991,Western Digital,0.00102,8.8,0.0,1.0,0.0,1.0,1,2022-01-13,1.0,2022-01-10,,,1.0,A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-77', 'CWE-78']","['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2016-10107,Western Digital,0.00621,9.8,0.0,0.0,1.0,0.0,0,2017-01-03,0.0,,0.0,,,Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],['cpe:2.3:a:western_digital:mycloud_nas:2.11.142:*:*:*:*:*:*:*'],0,0
CVE-2016-10108,Western Digital,0.85655,9.8,0.0,0.0,1.0,0.0,0,2017-01-03,0.0,,0.0,,,Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],['cpe:2.3:a:western_digital:mycloud_nas:2.11.142:*:*:*:*:*:*:*'],0,0
CVE-2019-10705,Western Digital,0.00179,7.5,0.0,1.0,0.0,0.0,0,2020-03-10,1.0,2019-05-20,,,1.0,"Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-522'],"['cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-2t00:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10706,Western Digital,0.00044,6.3,0.0,1.0,0.0,1.0,0,2020-03-10,1.0,2019-05-20,,,1.0,"Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices.",CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,HIGH,HIGH,MEDIUM,1.0,5.2,['CWE-522'],"['cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tb8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tb8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9tn8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9tn8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sb8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sb8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-128g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-256g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-512g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-1t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x600_sd9sn8w-2t00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x600_sd9sn8w-2t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7sb3q-064g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7sb3q-064g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7sn3q-064g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7sn3q-064g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7ub2q-010t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7ub2q-010t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7ub2q-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7ub2q-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7ub3q-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7ub3q-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7ub3q-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7ub3q-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7un3q-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7un3q-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7un3q-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7un3q-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300s_sd7un3q-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300s_sd7un3q-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-128g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-128g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-1t00_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-1t00-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-1t00-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-256g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-256g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sb8u-512g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sb8u-512g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-128g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-128g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-1t00_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-1t00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-1t00-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-1t00-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-256g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-256g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8sn8u-512g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8sn8u-512g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8tb8u-128g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8tb8u-128g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8tb8u-1t00-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8tb8u-1t00-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8tb8u-256g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8tb8u-256g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x400_sd8tb8u-512g-1122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x400_sd8tb8u-512g-1122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sb6s-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sb6s-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sb6s-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sb6s-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sb7s-010t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sb7s-010t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sb7s-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sb7s-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sf6s-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sf6s-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sf6s-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sf6s-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sf6s-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sf6s-512g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sn6s-128g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sn6s-128g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sn6s-256g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sn6s-256g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_x300_sd7sn6s-512g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_x300_sd7sn6s-512g:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18929,Western Digital,0.00089,8.8,0.0,0.0,0.0,1.0,0,2019-11-13,0.0,,0.0,,,Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:2.31.195:*:*:*:*:*:*:*', 'cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18930,Western Digital,0.00085,8.8,0.0,0.0,0.0,1.0,0,2019-11-13,0.0,,0.0,,,"Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of functions in libscheddl.so, and download_mgr.cgi makes it possible to enter large-sized f_idx inputs.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:2.31.183:*:*:*:*:*:*:*', 'cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18931,Western Digital,0.00138,8.8,0.0,0.0,0.0,1.0,0,2019-11-13,0.0,,0.0,,,Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:2.31.195:*:*:*:*:*:*:*', 'cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13799,Western Digital,0.00143,6.8,0.0,1.0,0.0,0.0,0,2020-11-18,0.0,,1.0,2020-11-16,,"Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards bodies and is implemented by storage devices from multiple vendors to assist host systems in securing trusted firmware. Several scenarios have been identified in which the RPMB state may be affected by an attacker without the knowledge of the trusted component that uses the RPMB feature.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-294'],"['cpe:2.3:h:westerndigital:inand_cl_em132:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:inand_cl_em132_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:inand_ix_em132:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:inand_ix_em132_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:inand_ix_em132_xi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:inand_ix_em132_xi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linaro:op-tee:*:*:*:*:*:*:*:*']",0,0
CVE-2020-15816,Western Digital,0.00105,8.8,0.0,0.0,1.0,0.0,0,2020-07-17,1.0,2020-06-19,,,1.0,"In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-668'],"['cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:macos:*:*', 'cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:windows:*:*']",0,0
CVE-2020-27159,Western Digital,0.03839,9.8,0.0,1.0,0.0,1.0,0,2020-10-27,1.0,2020-10-27,,,1.0,Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27744,Western Digital,0.02247,9.8,0.0,1.0,0.0,1.0,0,2020-10-29,1.0,2020-10-27,,,1.0,An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-28940,Western Digital,0.00857,9.8,0.0,1.0,0.0,1.0,0,2020-12-01,1.0,2020-11-19,,,1.0,"On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28970,Western Digital,0.00857,9.8,0.0,1.0,0.0,1.0,0,2020-12-01,1.0,2020-11-19,,,1.0,"An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie. (In addition, an upload endpoint could then be used by an authenticated administrator to upload executable PHP scripts.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28971,Western Digital,0.00857,9.8,0.0,1.0,0.0,1.0,0,2020-12-01,1.0,2020-11-19,,,1.0,"An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie, because of insufficient validation of URI paths.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8990,Western Digital,0.00178,9.1,0.0,0.0,1.0,0.0,0,2020-02-20,0.0,,0.0,,,Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-384'],"['cpe:2.3:a:western_digital:ibi:*:*:*:*:*:*:*:*', 'cpe:2.3:a:western_digital:my_cloud_home:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28653,Western Digital,0.00065,6.5,0.0,0.0,1.0,0.0,0,2021-03-19,0.0,,0.0,,,The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-922'],"['cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:iphone_os:*:*', 'cpe:2.3:a:westerndigital:armorlock:*:*:*:*:*:macos:*:*']",0,0
CVE-2022-22988,Western Digital,0.00168,9.1,0.0,0.0,1.0,0.0,0,2022-01-13,1.0,2022-01-10,,,1.0,"File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directories. This can only be exploited once an attacker has already found a way to get authenticated access to the device. 

",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,"['CWE-732', 'CWE-275']","['cpe:2.3:a:westerndigital:edgerover:*:*:*:*:*:macos:*:*', 'cpe:2.3:a:westerndigital:edgerover:*:*:*:*:*:windows:*:*']",0,0
CVE-2022-22992,Western Digital,0.00607,9.8,0.0,1.0,0.0,1.0,0,2022-01-28,1.0,2022-01-10,,,1.0,A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to shell functions coming from user input.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-116'],"['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:-:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22993,Western Digital,0.00151,8.8,0.0,1.0,0.0,1.0,0,2022-01-28,1.0,2022-01-10,,,1.0,A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-918'],"['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:-:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2022-22994,Western Digital,0.05781,9.8,0.0,1.0,0.0,1.0,0,2022-01-28,1.0,2022-01-10,,,1.0,A remote code execution vulnerability was discovered on Western Digital My Cloud devices where an attacker could trick a NAS device into loading through an unsecured HTTP call. This was a result insufficient verification of calls to the device. The vulnerability was addressed by disabling checks for internet connectivity using HTTP.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-345'],"['cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:-:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23001,Western Digital,0.00079,5.3,0.0,0.0,1.0,0.0,0,2022-07-29,1.0,2022-07-29,,,1.0,"When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting output may cause an error when used in other operations; for instance, verification of a valid signature under a decompressed public key may fail. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,['CWE-682'],['cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*'],0,0
CVE-2022-23002,Western Digital,0.00079,5.3,0.0,0.0,1.0,0.0,0,2022-07-29,1.0,2022-07-29,,,1.0,"When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,"['NVD-CWE-noinfo', 'CWE-703']",['cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*'],0,0
CVE-2022-23003,Western Digital,0.00079,5.3,0.0,0.0,1.0,0.0,0,2022-07-29,1.0,2022-07-29,,,1.0,"When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations. This may be leveraged by an attacker to cause an error scenario or incorrect choice of session key in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,"['CWE-682', 'CWE-703']",['cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*'],0,0
CVE-2022-23004,Western Digital,0.00079,5.3,0.0,0.0,1.0,0.0,0,2022-07-29,1.0,2022-07-29,,,1.0,"When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,LOW,MEDIUM,3.9,1.4,"['CWE-682', 'CWE-703']",['cpe:2.3:a:westerndigital:sweet_b:1:*:*:*:*:*:*:*'],0,0
CVE-2022-23006,Western Digital,0.0007,6.7,0.0,1.0,0.0,1.0,0,2022-09-27,1.0,2022-09-21,,,1.0,"A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another issue. If an attacker is able to carry out a remote code execution attack, they can gain access to the vulnerable file, due to the presence of insecure functions in code. User interaction is required for exploitation. Exploiting the vulnerability could result in exposure of information, ability to modify files, memory access errors, or system crashes.",CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*', 'cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:*']",0,0
CVE-2017-18263,Seagate,0.00742,7.5,0.0,1.0,0.0,1.0,1,2018-04-28,1.0,2017-09-30,,,1.0,Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:seagate:personal_cloud_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:seagate:personal_cloud:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5347,Seagate,0.85474,9.8,1.0,1.0,0.0,1.0,1,2018-01-12,0.0,,0.0,,,Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:seagate:personal_cloud_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:seagate:personal_cloud:-:*:*:*:*:*:*:*']",1,0
CVE-2018-12295,Seagate,0.00212,9.8,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands via the dirId URL parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12296,Seagate,0.01442,7.5,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-732'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12297,Seagate,0.00105,6.1,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL path names.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12298,Seagate,0.00902,7.5,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12299,Seagate,0.00058,5.4,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded file names.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12300,Seagate,0.00118,6.1,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12301,Seagate,0.00168,7.5,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12302,Seagate,0.00078,6.1,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal session tokens via cross-site scripting.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12303,Seagate,0.00058,5.4,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory names.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-12304,Seagate,0.00105,6.1,0.0,0.0,0.0,1.0,0,2019-05-13,0.0,,0.0,,,"Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publisher Contact, or Website URL.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:*'],0,0
CVE-2018-18471,Seagate,0.01105,9.8,0.0,1.0,0.0,0.0,0,2019-06-19,0.0,,0.0,,,"/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can be triggered by anyone who knows the IP address of the affected device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-611'],"['cpe:2.3:o:axentra:hipserv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:medion:lifecloud:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:stora:-:*:*:*:*:*:*:*', 'cpe:2.3:h:seagate:goflex_home:-:*:*:*:*:*:*:*']",0,0
CVE-2017-2125,Allied Telesis,0.00316,8.8,0.0,1.0,0.0,1.0,1,2017-04-28,0.0,,1.0,2017-03-30,,Privilege escalation vulnerability in CentreCOM AR260S V2 remote authenticated attackers to gain privileges via the guest account.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:allied_telesis_k.k.:centrecom_ar260s_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:allied_telesis_k.k.:centrecom_ar260s_v2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20503,Allied Telesis,0.00238,6.1,1.0,1.0,0.0,1.0,1,2019-05-07,0.0,,1.0,2017-03-30,,Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:alliedtelesis:8100l\\/8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:alliedtelesis:8100l\\/8:-:*:*:*:*:*:*:*']",1,0
CVE-2019-18922,Allied Telesis,0.1773,7.5,0.0,1.0,0.0,0.0,1,2019-11-29,0.0,,0.0,,,A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:alliedtelesis:at-gs950\\/8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:alliedtelesis:at-gs950\\/8:-:*:*:*:*:*:*:*']",0,0
CVE-2017-3167,Apple,0.01399,9.8,0.0,0.0,0.0,1.0,1,2017-06-20,0.0,,0.0,,,"In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*', 'cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*']",0,0
CVE-2018-14468,Apple,0.00407,7.5,0.0,0.0,0.0,1.0,1,2019-10-03,1.0,2019-12-10,,,0.0,The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*']",0,0
CVE-2018-14880,Apple,0.0038,7.5,0.0,0.0,0.0,1.0,1,2019-10-03,1.0,2020-02-11,,,0.0,The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*']",0,0
CVE-2018-18311,Apple,0.00313,9.8,0.0,0.0,0.0,1.0,1,2018-12-07,1.0,2019-03-25,,,0.0,Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-190'],"['cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*', 'cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:e-series_santricity_os_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snapdriver:-:*:*:*:*:unix:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*']",0,0
CVE-2019-14379,Apple,0.00984,9.8,0.0,0.0,1.0,0.0,1,2019-07-29,0.0,,0.0,,,"SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-1321'],"['cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:linux:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:siebel_engineering_-_installer_\\&_deployment:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*']",0,0
CVE-2019-8615,Apple,0.00612,6.5,0.0,0.0,1.0,1.0,1,2019-12-18,1.0,2019-05-13,,,1.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-125'],"['cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2019-8619,Apple,0.01416,8.8,0.0,0.0,1.0,1.0,1,2019-12-18,1.0,2019-05-13,,,1.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2019-8623,Apple,0.07534,8.8,1.0,0.0,1.0,1.0,1,2019-12-18,1.0,2019-05-13,,,1.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",1,1
CVE-2019-8628,Apple,0.01416,8.8,0.0,0.0,1.0,1.0,1,2019-12-18,1.0,2019-05-13,,,1.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2019-9506,Apple,0.00105,8.1,0.0,0.0,0.0,1.0,1,2019-08-14,0.0,,0.0,,,"The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka ""KNOB"") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,"['CWE-327', 'CWE-310']","['cpe:2.3:h:blackberry:blackberry:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:12.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:12.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:5.3:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:virtualization_host_eus:4.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_aus:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_eus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_eus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ares-tl00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ares-tl00c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:asoka-al00ax:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:asoka-al00ax_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:atomu-l33_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:atomu-l33:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:atomu-l41_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:atomu-l41:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:atomu-l42_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:atomu-l42:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:berkeley-al20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:berkeley-al20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cairogo-l22_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cairogo-l22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-al10b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-al10i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-al10i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-tl00d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-tl00d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-al00a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-al00i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-al00i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-al00ind_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-al00ind:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-al10ind_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-al10ind:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dubai-al00a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dubai-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:dura-tl00a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:dura-tl00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:8.1.0.156\\(c605\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:ever-l29b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:ever-l29b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l23_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l23:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:8.0.0.122d\\(c652\\):*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-tl10b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-tl10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-l23_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-l23:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:mate_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:mate_20_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:mate_20_x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p_smart_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p_smart_2019_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p20_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:p30_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y5_2018_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y5_2018:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y5_lite_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y5_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y6_2019_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y6_prime_2018_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y6_prime_2018:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y6_pro_2019_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y7_2019_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y7_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:y9_2019_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nova_3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nova_4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nova_4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nova_5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nova_5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nova_5i_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nova_5i_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:nova_lite_3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:harry-al00c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:harry-al00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:harry-al10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:harry-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:harry-tl00c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:harry-tl00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:hima-l29c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hima-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_10_lite_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_10_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_8a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_8x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_view_10_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_view_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_view_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:jakarta-al00a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:johnson-tl00d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:johnson-tl00f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:johnson-tl00f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:katyusha-al00a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:katyusha-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:laya-al00ep_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:laya-al00ep:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l21a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l31a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l31a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l32a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l32c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l32c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l42a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l42a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-l42c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-l42c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-tl10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:leland-tl10c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-al00c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-al10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-al10d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-al10d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-l22a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-l22a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-l22c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:lelandp-l22d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:lelandp-l22d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:london-al40ind_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:london-al40ind:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:madrid-al00a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:madrid-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:madrid-tl00a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:madrid-tl00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:neo-al00d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:paris-al00ic_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:paris-al00ic:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:paris-l21b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:paris-l21b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:paris-l21meb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:paris-l21meb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:paris-l29b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:paris-l29b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:potter-al00c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:potter-al00c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:potter-al10a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:potter-al10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:princeton-al10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:princeton-al10d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:princeton-al10d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:princeton-tl10c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:princeton-tl10c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-al00_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-l21_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-l21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-l21br_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-l21br:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-l22_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-l22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-l22br_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-l22br:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydney-tl00_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-al00_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-l01_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-l01:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-l03_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-l03:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-l21_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-l21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-l22_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-l22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:sydneym-l23_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:sydneym-l23:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tony-al00b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:tony-tl00b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yale-al00a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yale-al50a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yale-al50a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yale-l21a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yale-l61c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yale-l61c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yale-tl00b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:yalep-al10b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:yalep-al10b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:imanager_neteco_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:imanager_neteco:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:imanager_neteco_6000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:imanager_neteco_6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:charlotte-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:charlotte-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:cornell-l29a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:cornell-l29a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:figo-l31_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:figo-l31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:huawei:honor_20_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:honor_20_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9511,Apple,0.07759,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9513,Apple,0.04253,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['NVD-CWE-Other', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9514,Apple,0.7923,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9515,Apple,0.03886,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9516,Apple,0.00702,6.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9517,Apple,0.03532,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9518,Apple,0.01188,7.5,0.0,0.0,1.0,1.0,1,2019-08-13,0.0,,0.0,,,"Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,"['CWE-770', 'CWE-400']","['cpe:2.3:a:apple:swiftnio:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*', 'cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*']",0,0
CVE-2019-9536,Apple,0.001,6.8,0.0,1.0,0.0,0.0,1,2019-11-22,0.0,,0.0,,,"Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-755'],['cpe:2.3:h:apple:iphone_3gs:-:*:*:*:*:*:*:*'],0,0
CVE-2020-12243,Apple,0.09157,7.5,0.0,0.0,0.0,1.0,1,2020-04-28,0.0,,0.0,,,"In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-674'],"['cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.13.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*']",0,0
CVE-2020-12427,Apple,0.00071,8.8,0.0,0.0,0.0,1.0,1,2020-05-13,1.0,2020-04-27,,,1.0,"The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:my_cloud_home:*:*']",0,0
CVE-2021-22945,Apple,0.00688,9.1,0.0,0.0,0.0,1.0,1,2021-09-23,1.0,2022-03-21,,,0.0,"When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-415'],"['cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-23841,Apple,0.00416,5.9,0.0,0.0,1.0,1.0,1,2021-02-16,1.0,2021-05-24,,,0.0,The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-476'],"['cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*', 'cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*', 'cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*']",0,0
CVE-2021-25252,Apple,0.00044,5.5,0.0,0.0,0.0,1.0,1,2021-03-03,1.0,2021-03-04,,,0.0,Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-400'],"['cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:apex_one:2019:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:cloud_edge:5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:apex_one:-:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_security:10.0:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_security:11.0:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_security:12.0:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_security:20.0:-:*:*:long_term_support:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:control_manager:7.0:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_discovery_analyzer:5.1:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_discovery_email_inspector:2.5:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:deep_discovery_inspector:3.8:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1:-:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:interscan_web_security_virtual_appliance:6.5:-:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:officescan:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:portal_protect:2.6:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:scanmail:14.0:*:*:*:*:microsoft_exchange:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:scanmail_for_ibm_domino:5.8:-:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:serverprotect_for_storage:6.0:-:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:serverprotect:5.8:-:*:*:*:*:*:*', 'cpe:2.3:h:emc:celerra_network_attached_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:novell:netware:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:serverprotect_for_network_appliance_filers:5.8:-:*:*:*:*:*:*', 'cpe:2.3:o:netapp:cluster_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:safe_lock:1.1:-:*:*:txone:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:trendmicro:worry-free_business_security:10.1:-:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44224,Apple,0.31186,8.2,0.0,0.0,0.0,1.0,1,2021-12-20,1.0,2022-05-16,,,0.0,"A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,3.9,4.2,['CWE-476'],"['cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-44790,Apple,0.10912,9.8,0.0,0.0,0.0,1.0,1,2021-12-20,1.0,2022-05-16,,,0.0,A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",1,1
CVE-2017-2492,Apple,0.00182,6.1,0.0,0.0,1.0,1.0,0,2018-04-03,1.0,2017-04-24,,,1.0,"An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the ""JavaScriptCore"" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that triggers prototype mishandling.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2017-7071,Apple,0.01268,8.8,0.0,0.0,1.0,0.0,0,2018-04-03,1.0,2017-08-23,,,1.0,"An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the ""WebKit"" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*'],0,0
CVE-2018-25010,Apple,0.00302,9.1,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*']",0,0
CVE-2018-25011,Apple,0.00276,9.8,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*']",0,0
CVE-2018-25014,Apple,0.00302,9.8,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-908'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*']",0,0
CVE-2018-4126,Apple,0.00272,7.8,0.0,0.0,1.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,"A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-4153,Apple,0.00079,5.9,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,An injection issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.2,3.6,['CWE-74'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4187,Apple,0.00607,6.5,0.0,0.0,0.0,1.0,0,2018-06-08,1.0,2019-04-03,,,0.0,"An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the ""LinkPresentation"" component. It allows remote attackers to spoof the UI via a crafted URL in a text message.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*']",0,0
CVE-2018-4295,Apple,0.00244,9.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4304,Apple,0.00062,5.0,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,"A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.",CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.3,3.6,['CWE-20'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-4308,Apple,0.00069,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4342,Apple,0.00044,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4346,Apple,0.00069,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4398,Apple,0.00279,7.5,0.0,0.0,1.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,"An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-4403,Apple,0.00066,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2019-02-15,,,1.0,This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-200'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4406,Apple,0.00085,6.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A denial of service issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4410,Apple,0.00078,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4411,Apple,0.00081,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4412,Apple,0.00229,7.8,0.0,0.0,1.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,"A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*']",0,0
CVE-2018-4415,Apple,0.00063,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4417,Apple,0.00079,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4418,Apple,0.00069,5.5,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4421,Apple,0.0007,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-12-21,,,1.0,A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4423,Apple,0.00059,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-11-16,,,1.0,A logic issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.1.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2018-4426,Apple,0.00203,7.8,0.0,0.0,0.0,1.0,0,2019-04-03,1.0,2018-10-30,,,1.0,"A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-119'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2018-4468,Apple,0.00066,5.5,0.0,0.0,0.0,1.0,0,2020-10-27,1.0,2018-10-30,,,1.0,"This issue was addressed by removing additional entitlements. This issue is fixed in macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra. A malicious application may be able to access restricted files.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2019-8737,Apple,0.00085,6.5,0.0,0.0,0.0,1.0,0,2020-10-27,1.0,2019-10-29,,,1.0,"A denial of service issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged position may be able to perform a denial of service attack.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*'],0,0
CVE-2020-10002,Apple,0.00042,5.5,0.0,0.0,1.0,1.0,0,2020-12-08,1.0,2020-11-05,,,1.0,"A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2020-36328,Apple,0.00754,9.8,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:14.7:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:14.7:*:*:*:*:*:*:*']",0,0
CVE-2020-36329,Apple,0.00549,9.8,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-416'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2020-36330,Apple,0.00424,9.1,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2020-36331,Apple,0.00422,9.1,0.0,0.0,0.0,1.0,0,2021-05-21,1.0,2021-07-21,,,0.0,A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],"['cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9949,Apple,0.00216,7.8,0.0,0.0,0.0,1.0,0,2020-12-08,1.0,2020-11-12,,,1.0,"A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra, tvOS 14.0. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-416'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1761,Apple,0.00532,7.5,0.0,0.0,0.0,1.0,0,2021-04-02,1.0,2021-05-28,,,0.0,"This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-1794,Apple,0.00603,9.8,0.0,0.0,0.0,1.0,0,2021-04-02,1.0,2021-05-28,,,0.0,An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-125'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30737,Apple,0.00381,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-06-14,,,1.0,"A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted certificate may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30748,Apple,0.00121,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30758,Apple,0.00412,8.8,0.0,0.0,1.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30759,Apple,0.00148,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30760,Apple,0.00161,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30761,Apple,0.00495,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-06-14,,,1.0,A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30762,Apple,0.00579,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-06-14,,,1.0,A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30763,Apple,0.00053,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.7, watchOS 7.6. A shortcut may be able to bypass Internet permission requirements.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30768,Apple,0.00073,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30769,Apple,0.00064,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-287'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30770,Apple,0.00046,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-287'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30773,Apple,0.00081,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An issue in code signature validation was addressed with improved checks. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious application may be able to bypass code signing checks.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30774,Apple,0.00085,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. A malicious application may be able to gain root privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30775,Apple,0.00114,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30776,Apple,0.00066,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30779,Apple,0.00104,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30780,Apple,0.00165,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A malicious application may be able to gain root privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30781,Apple,0.00042,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30785,Apple,0.00189,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30786,Apple,0.00085,7.0,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30788,Apple,0.00142,7.1,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,1.8,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30789,Apple,0.00123,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-125'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30791,Apple,0.00103,5.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted file may disclose user information.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30792,Apple,0.00125,7.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30795,Apple,0.00426,8.8,0.0,0.0,1.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30796,Apple,0.00164,6.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing a maliciously crafted image may lead to a denial of service.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.4:beta4:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.3:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.4:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.5:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30797,Apple,0.00382,8.8,0.0,0.0,1.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30798,Apple,0.00191,7.5,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30799,Apple,0.00469,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.6:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30800,Apple,0.00085,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,This issue was addressed with improved checks. This issue is fixed in iOS 14.7. Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30802,Apple,0.00359,8.8,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30804,Apple,0.00055,3.3,0.0,0.0,0.0,1.0,0,2021-09-08,1.0,2021-07-21,,,1.0,A permissions issue was addressed with improved validation. This issue is fixed in iOS 14.7. A malicious application may be able to access Find My data.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30808,Apple,0.00067,5.5,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A malicious application may be able to modify protected parts of the file system.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30809,Apple,0.00645,8.8,0.0,0.0,1.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-416'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30813,Apple,0.00044,6.5,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2022-05-25,,,0.0,This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,CHANGED,NONE,HIGH,NONE,MEDIUM,2.0,4.0,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30814,Apple,0.00114,7.8,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"A memory corruption issue was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30818,Apple,0.00649,8.8,0.0,0.0,1.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30821,Apple,0.00108,7.8,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-10-25,,,1.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30823,Apple,0.00179,6.5,0.0,0.0,1.0,1.0,0,2021-10-28,1.0,2021-10-25,,,1.0,"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30824,Apple,0.00121,7.8,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-10-25,,,1.0,"A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30831,Apple,0.00066,5.5,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted font may result in the disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30833,Apple,0.0007,5.5,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-10-25,,,1.0,This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30836,Apple,0.00085,5.5,0.0,0.0,1.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30840,Apple,0.00104,7.8,0.0,0.0,0.0,1.0,0,2021-10-28,1.0,2021-11-18,,,0.0,"This issue was addressed with improved checks. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted dfont file may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30846,Apple,0.00123,7.8,0.0,0.0,1.0,1.0,0,2021-10-19,1.0,2021-11-18,,,0.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*']",0,0
CVE-2021-30848,Apple,0.00167,7.8,0.0,0.0,1.0,1.0,0,2021-10-19,1.0,2021-11-18,,,0.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30849,Apple,0.00145,7.8,0.0,0.0,1.0,1.0,0,2021-10-19,1.0,2021-11-18,,,0.0,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30851,Apple,0.0047,8.8,0.0,0.0,1.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,"A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.1:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*']",0,0
CVE-2021-30852,Apple,0.00627,8.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,"A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30861,Apple,0.00062,5.5,0.0,0.0,1.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may bypass Gatekeeper checks.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30864,Apple,0.00081,8.6,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A sandboxed process may be able to circumvent sandbox restrictions.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,CHANGED,NONE,HIGH,NONE,HIGH,3.9,4.0,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30866,Apple,0.00075,6.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,"A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30867,Apple,0.00068,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-287'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30868,Apple,0.00085,7.0,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30869,Apple,0.0013,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-09-23,,,0.0,"A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-843'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30871,Apple,0.00042,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"This issue was addressed with a new entitlement. This issue is fixed in iOS 14.7, watchOS 7.6, macOS Big Sur 11.5. A local attacker may be able to access analytics data.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30873,Apple,0.00067,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to elevate privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30874,Apple,0.00076,7.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. A VPN configuration may be installed by an app without user permission.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-862'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30875,Apple,0.00042,3.3,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30876,Apple,0.00084,7.1,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,1.8,5.2,['CWE-125'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30877,Apple,0.00084,7.1,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,1.8,5.2,['CWE-125'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30879,Apple,0.00084,7.1,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,1.8,5.2,['CWE-125'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30880,Apple,0.00084,7.1,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,HIGH,HIGH,1.8,5.2,['CWE-125'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30881,Apple,0.00138,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30883,Apple,0.00222,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-11,,,0.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30884,Apple,0.0015,4.7,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,"The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,NONE,NONE,MEDIUM,2.8,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30886,Apple,0.00116,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-416'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30887,Apple,0.0072,6.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30888,Apple,0.00286,7.4,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior .",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,NONE,NONE,HIGH,2.8,4.0,['CWE-601'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30889,Apple,0.00376,8.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30890,Apple,0.00759,6.1,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30892,Apple,0.0007,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to modify protected parts of the file system.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-732'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30894,Apple,0.00085,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30895,Apple,0.00085,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to access information about a user's contacts.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30896,Apple,0.00071,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30897,Apple,0.0015,6.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30899,Apple,0.00121,7.0,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30900,Apple,0.00238,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30901,Apple,0.00121,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30902,Apple,0.00042,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-416'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30903,Apple,0.00042,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,"This issue was addressed with improved checks. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30904,Apple,0.00084,5.3,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-11-18,,,0.0,A sync issue was addressed with improved state validation. This issue is fixed in macOS Monterey 12.0.1. A user's messages may continue to sync after the user has signed out of iMessage.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-662'],['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30905,Apple,0.00133,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30906,Apple,0.00042,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"This issue was addressed with improved checks. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. A local attacker may be able to elevate their privileges.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30907,Apple,0.00124,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An integer overflow was addressed through improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to elevate privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30908,Apple,0.00056,3.3,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An authentication issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30909,Apple,0.00138,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30910,Apple,0.00124,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30911,Apple,0.0007,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, iOS 15.1 and iPadOS 15.1, macOS Big Sur 11.6.1. Processing a maliciously crafted USD file may disclose memory contents.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30912,Apple,0.00071,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may gain access to a user's Keychain items.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-281'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30913,Apple,0.00068,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,"The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30914,Apple,0.00072,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1. An application may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30915,Apple,0.00085,2.4,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine characteristics of a user's password in a secure text entry field.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,LOW,0.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30916,Apple,0.00138,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30917,Apple,0.00138,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted image may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30919,Apple,0.00148,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead to arbitrary code execution.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30920,Apple,0.00042,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,A permissions issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.0.1. A local attacker may be able to read sensitive information.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-732'],['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30922,Apple,0.00045,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-03-31,,,0.0,Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30923,Apple,0.00085,7.0,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to execute arbitrary code with kernel privileges.,CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30924,Apple,0.00645,7.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-01-19,,,0.0,A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1. A remote attacker can cause a device to unexpectedly restart.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30930,Apple,0.00075,5.3,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-09-16,,,0.0,A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. An attacker may be able to track users through their IP address.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*'],0,0
CVE-2021-30931,Apple,0.00069,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2021-10-25,,,0.0,"A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. A malicious application may be able to disclose kernel memory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-30933,Apple,0.00085,7.0,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,"A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-30994,Apple,0.00052,3.3,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['NVD-CWE-noinfo'],['cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*'],0,0
CVE-2021-31002,Apple,0.00085,7.8,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-09-16,,,0.0,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.2. A malicious application may be able to execute arbitrary code with system privileges.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-125'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-31004,Apple,0.0007,7.0,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-03-31,,,0.0,"A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.5. An application may be able to gain elevated privileges.",CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,HIGH,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.0,5.9,['CWE-362'],"['cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-31005,Apple,0.00081,7.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-03-31,,,0.0,"Description: A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, macOS Monterey 12.0.1. Turning off ""Block all remote content"" may not apply to all remote content types.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*']",0,0
CVE-2021-31007,Apple,0.00066,5.5,0.0,0.0,0.0,1.0,0,2021-08-24,1.0,2022-05-25,,,0.0,"Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-276'],"['cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2021-31008,Apple,0.00477,8.8,0.0,0.0,1.0,1.0,0,2021-08-24,1.0,2022-03-31,,,0.0,"A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 15.1, tvOS 15.1, iOS 15 and iPadOS 15, macOS Monterey 12.0.1, watchOS 8.1. Processing maliciously crafted web content may lead to code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-843'],"['cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*']",0,0
CVE-2017-3223,Dahua,0.01166,9.8,0.0,1.0,0.0,1.0,1,2018-07-24,1.0,2017-07-18,0.0,,1.0,"Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'password' field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera's Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-119', 'CWE-121']","['cpe:2.3:o:dahuasecurity:ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ip_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ip_camera:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6341,Dahua,0.0048,5.9,0.0,1.0,0.0,1.0,1,2017-02-27,1.0,2017-07-31,,,0.0,"Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interfaces, which allows remote attackers to obtain sensitive information by sniffing the network, a different vulnerability than CVE-2013-6117.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-319'],"['cpe:2.3:o:dahuasecurity:camera_firmware:2.400.0000.28.r:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr_firmware:3.210.0001.10:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:smartpss_firmware:1.16.1:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr7216a-s3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6342,Dahua,0.00331,9.8,0.0,1.0,0.0,1.0,1,2017-02-27,1.0,2017-07-31,,,0.0,"An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-269'],"['cpe:2.3:o:dahuasecurity:camera_firmware:2.400.0000.28.r:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr_firmware:3.210.0001.10:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:smartpss_firmware:1.16.1:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr7216a-s3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6343,Dahua,0.31255,8.1,0.0,1.0,0.0,1.0,1,2017-02-27,1.0,2017-07-31,,,0.0,"The web interface on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 allows remote attackers to obtain login access by leveraging knowledge of the MD5 Admin Hash without knowledge of the corresponding password, a different vulnerability than CVE-2013-6117.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-287'],"['cpe:2.3:o:dahuasecurity:camera_firmware:2.400.0000.28.r:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr_firmware:3.210.0001.10:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:smartpss_firmware:1.16.1:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr7216a-s3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6432,Dahua,0.00159,8.1,0.0,1.0,0.0,1.0,1,2017-03-09,0.0,,0.0,,,"An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of fully privileged new users, in addition to capture of sensitive information.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-319'],"['cpe:2.3:o:dahuasecurity:nvr_firmware:3.210.0001.10:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr7216a-s3:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7253,Dahua,0.00101,8.8,0.0,1.0,0.0,1.0,1,2017-03-30,0.0,,0.0,,,"Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a ""Component error: login challenge!"" message. The second JSON object encountered has a result indicating a successful admin login.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-922'],"['cpe:2.3:h:dahuasecurity:ip_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ip_camera_firmware:3.200.0001.6:*:*:*:*:*:*:*']",0,0
CVE-2017-7925,Dahua,0.31992,9.8,0.0,1.0,0.0,1.0,1,2017-05-06,0.0,,1.0,2017-05-04,,"A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-522', 'CWE-260']","['cpe:2.3:o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdbw23a0rn-zs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdbw13a0sn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdbw13a0sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd6cxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd6cxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-nvr1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-nvr1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-hcvr4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ddh-hcvr4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-hcvr5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-hcvr5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr51a04he-s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr51a04he-s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr51a08he-s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr51a08he-s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr58a32s-s2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr58a32s-s2:-:*:*:*:*:*:*:*']",0,0
CVE-2017-7927,Dahua,0.03148,7.3,0.0,1.0,0.0,1.0,1,2017-05-06,0.0,,1.0,2017-05-04,,"A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without obtaining the actual password.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,HIGH,3.9,3.4,"['CWE-798', 'CWE-836']","['cpe:2.3:o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdbw23a0rn-zs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdbw13a0sn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdbw13a0sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hdw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-ipc-hfw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd6cxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd6cxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-nvr1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-nvr1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-hcvr4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ddh-hcvr4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-hcvr5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-hcvr5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr51a04he-s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr51a04he-s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr51a08he-s3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr51a08he-s3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dhi-hcvr58a32s-s2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dhi-hcvr58a32s-s2:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9314,Dahua,0.00087,8.8,0.0,1.0,0.0,1.0,1,2017-11-13,0.0,,0.0,,,"Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to gain access to additional operations by means of forging json message.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-287'],"['cpe:2.3:o:dahuasecurity:nvr5464-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5464-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5208-8p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5208-8p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5432-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5432-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5416-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5416-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5464-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5464-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5432-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5432-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5416-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5416-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5232-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5232-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5216-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5216-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5232-8p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5232-8p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5216-8p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5216-8p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5232-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5232-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5216-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5216-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5208-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5208-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5816-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5816-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5832-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5832-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5864-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5864-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5864-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5864-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5832-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5832-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5816-16p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5816-16p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5424-24p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5424-24p-4ks2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5224-24p-4ks2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5224-24p-4ks2:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9315,Dahua,0.00558,9.8,0.0,1.0,0.0,1.0,1,2017-11-28,0.0,,0.0,,,Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized dealer to reset the admin password. The algorithm used in this mechanism is potentially at risk of being compromised and subsequently utilized by attacker.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:ipc-hfw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw1xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hf5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hf5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hf8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-ebw8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-ebw8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-pfw8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-pfw8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd2xxxxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd2xxxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-pdbw8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-pdbw8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hum8xxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hum8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:psd8xxxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:psd8xxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd4xxxxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd4xxxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd5xxxxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd5xxxxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:dh-sd6xxxxx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:dh-sd6xxxxx:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9316,Dahua,0.00336,6.5,0.0,1.0,0.0,1.0,1,2017-11-27,0.0,,0.0,,,"Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal Debug function. This particular function was used for problem analysis and performance tuning during product development phase. It allowed the device to receive only specific data (one direction, no transmit) and therefore it was not involved in any instance of collecting user privacy data or allowing remote code execution.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,LOW,HIGH,MEDIUM,2.2,4.2,['CWE-287'],"['cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.0.r.20150206:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.1.r.20150420:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.2.r.20150715:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.3.r.20150921:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20160409:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20160603:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20160803:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20161226:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20170305:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr11hs_firmware:3.210.0000.5.r.20170321:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr11hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.240.0009.0.r.20131015:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.400.0000.0.r.20131231:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0000.0.r.20140419:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0002.0.r.20140621:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0002.0.r.20140724:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0005.0.r.20141205:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0007.0.r.20150409:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4300s_firmware:2.420.0008.0.r.20150710:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4300s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hf5x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hf5x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hf5x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x00:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw5x00_firmware:2.400.0000.3.r.20150312:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw5x00_firmware:2.420.0006.0.r.20150311:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw5x00:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9499,Dahua,0.00096,7.2,0.0,1.0,0.0,1.0,1,2020-04-09,1.0,2020-04-07,,,1.0,"Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-120'],"['cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx7842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx7842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hxxx5x4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b1p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b1p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahua:n54a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b5p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b5p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54b2p:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9500,Dahua,0.00081,4.9,0.0,1.0,0.0,1.0,1,2020-04-09,1.0,2020-04-07,,,1.0,"Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx7842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx7842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hxxx5x4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b1p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b1p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahua:n54a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b5p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b5p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54b2p:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33044,Dahua,0.95229,9.8,0.0,1.0,0.0,0.0,1,2021-09-15,1.0,2021-11-15,,,0.0,The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd22_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd41_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd41:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf1241_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf1241:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf2221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf2221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf5x01_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf5x01:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-pt8x21b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-pt8x21b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-sd2221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-sd2221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-sd8x21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-sd8x21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vto-65xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vto-75x95x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vth-542xh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf5x21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf5x21:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33045,Dahua,0.93321,9.8,0.0,1.0,0.0,1.0,1,2021-09-15,1.0,2021-11-15,,,0.0,The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr-1xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr-1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr-2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr-2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr-4xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr-4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr-5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr-5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr-6xx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr-6xx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vth-542xh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vto-65xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vto-75x95x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-4x08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-4x08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-5x04_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-5x04:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-5x08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-5x08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-5x16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-5x16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-7x16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-7x16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr-7x32_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr-7x32:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30560,Dahua,0.00164,7.4,0.0,1.0,0.0,1.0,1,2022-06-28,1.0,2022-06-28,,,1.0,"When an attacker obtaining the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,HIGH,2.2,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:h:dahuasecurity:ipc-hdbw2431e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2230e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2230e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231f-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231f-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231m-as-i2-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231m-as-i2-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2230s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2230s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9317,Dahua,0.00104,8.8,0.0,1.0,0.0,1.0,0,2018-05-23,0.0,,0.0,,,Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:dahuasecurity:xvr5x16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr5x16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr5x08:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr5x08_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr5x04:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr5x04_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr7x16:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr7x16_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw5xxx_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-9677,Dahua,0.0025,9.8,0.0,1.0,0.0,1.0,0,2019-09-18,1.0,2020-01-10,,,0.0,"The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9678,Dahua,0.00103,7.5,0.0,1.0,0.0,1.0,0,2019-09-18,1.0,2020-01-10,,,0.0,"Some Dahua products have the problem of denial of service during the login process. An attacker can cause a device crashed by constructing a malicious packet. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9679,Dahua,0.00104,8.8,0.0,1.0,0.0,1.0,0,2019-09-18,1.0,2020-01-10,,,0.0,"Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use the Debug function after logging in. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-276'],"['cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9680,Dahua,0.00084,5.3,0.0,1.0,0.0,1.0,0,2019-09-18,1.0,2020-01-10,,,0.0,"Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9681,Dahua,0.00084,5.3,0.0,1.0,0.0,1.0,0,2019-09-17,1.0,2020-01-10,,,0.0,"Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing firmware packages by specific means. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18,2019.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-311'],"['cpe:2.3:o:dahuasecurity:ipc-hdw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw1x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw1x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw4x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw4x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdw5x2x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw5x2x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw5x2x:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9682,Dahua,0.00222,8.1,0.0,1.0,0.0,1.0,0,2020-05-13,1.0,2020-05-11,,,1.0,"Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-276'],"['cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx7842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx7842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hxxx5x4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b1p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b1p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b5p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b5p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw1320e-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw1320e-w:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9502,Dahua,0.00222,9.8,0.0,1.0,0.0,1.0,0,2020-05-13,1.0,2020-05-11,,,1.0,"Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-330'],"['cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd5a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd5a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ptz1a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ptz1a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx7842h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx7842h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hxxx5x4x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hxxx5x4x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b1p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b1p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n42b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n42b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54a4p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54a4p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b5p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b5p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n52b3p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n52b3p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:n54b2p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:n54b2p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw1320e-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw1320e-w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33046,Dahua,0.00256,9.8,0.0,1.0,0.0,1.0,0,2022-01-13,1.0,2022-01-12,,,1.0,Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:dahuasecurity:ipc-hx1xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5\\(4\\)\\(3\\)xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5\\(4\\)\\(3\\)xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd1a1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd1a1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd22_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd22:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd49_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd49:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd52c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd52c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:sd6al_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:sd6al:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf1241_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf1241:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf2221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf2221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-bf5x01_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-bf5x01:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-pt8x21x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-pt8x21x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-sd2221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-sd2221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:tpc-sd8x21_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:tpc-sd8x21:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr1xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr1xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr2xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr2xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr4xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:nvr5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:nvr5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr4xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr4xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr5xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr5xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:xvr7xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:xvr7xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:hcvr7xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:hcvr7xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:hcvr8xxx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:hcvr8xxx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:vtox20xf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:vtox20xf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asc2204c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asc2204c:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30561,Dahua,0.00133,5.9,0.0,1.0,0.0,1.0,0,2022-06-28,1.0,2022-06-28,,,1.0,"When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:ipc-hdbw2431e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2230e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2230e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231f-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231f-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231m-as-i2-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231m-as-i2-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2230s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2230s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30562,Dahua,0.00065,4.7,0.0,1.0,0.0,1.0,0,2022-06-28,1.0,2022-06-28,,,1.0,"If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page.",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,HIGH,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.6,2.7,['CWE-601'],"['cpe:2.3:h:dahuasecurity:ipc-hdbw2431e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2230e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2230e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231f-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231f-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231m-as-i2-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231m-as-i2-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2230s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2230s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-30563,Dahua,0.00135,7.4,0.0,1.0,0.0,1.0,0,2022-06-28,1.0,2022-06-28,,,1.0,"When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.2,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:dahuasecurity:ipc-hdbw2431e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2230e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2230e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2831e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2831e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2531e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2531e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2431r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2431r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231f-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231f-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231e-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231e-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hdbw2231r-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hdbw2231r-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231m-as-i2-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231m-as-i2-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2231t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2231t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2230s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2230s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2431s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2431s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2531s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2531s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-as-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-as-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zs-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zs-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831t-zas-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831t-zas-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2831s-s-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2831s-s-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239m-as-led-b-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239m-as-led-b-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2439s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2439s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:ipc-hfw2239s-sa-led-s2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:ipc-hfw2239s-sa-led-s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a-t1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a-t1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7223x-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7223x-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:dahuasecurity:asi7213x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:dahuasecurity:asi7213x:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5693,Intel,0.0013,7.5,0.0,1.0,0.0,1.0,1,2018-07-31,0.0,,1.0,2018-07-31,,"Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:intel:puma_firmware:5.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:puma:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:puma_firmware:6.0_soc:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:puma:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:puma_firmware:7.0_soc:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:puma:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5729,Intel,0.00219,7.4,0.0,1.0,0.0,1.0,1,2017-11-21,1.0,2017-12-07,,,0.0,Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,HIGH,2.2,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:intel:dual_band_wireless-ac_3160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_17265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_17265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_18260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_18265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2017-5753,Intel,0.97551,5.6,1.0,1.0,0.0,0.0,1,2018-01-04,1.0,2018-04-04,,,0.0,Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,NONE,NONE,MEDIUM,1.1,4.0,['CWE-203'],"['cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2316:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2338:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2350:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2358:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2508:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2516:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2518:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2538:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2558:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2718:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2730:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2738:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c2758:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3200rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3205rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3230rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3235rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3265rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3295rk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3405:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3:c3445:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j:j2850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j:j2900:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j:j3710:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3510:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n3710:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n:n4200:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5502:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5503:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5504:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5506:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5507:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5603:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5606:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5607:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5620:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5630:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5640:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5645:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e5649:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e6510:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e6540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e7520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e7530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:e7540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:ec5509:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:ec5539:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:ec5549:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l3406:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l3426:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5506:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5508:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5518:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5520:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5609:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5618:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5630:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5638:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l5640:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l7545:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:l7555:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:lc5518:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:lc5528:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:w3670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:w3680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:w3690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:w5580:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:w5590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3430:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3440:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3470:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x3480:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5647:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5667:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5672:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5675:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5677:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5687:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x5690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x6550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x7542:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x7550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon:x7560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1125c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5118:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5119t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5120:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5120t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:5122:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6126:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6126f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6126t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6128:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6130f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6130t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6132:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6134:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6134m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6136:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6138:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6138f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6138t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6140:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6140m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6142:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6142f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6142m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6144:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6146:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6148:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6148f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6152:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold:6154:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7210:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7210f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7230:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7230f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7235:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7250:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7250f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7285:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7290:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7290f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_phi:7295:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:local_service_management_system:13.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:local_service_management_system:13.2:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:local_service_management_system:13.3:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:virtual_machine_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs360hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs360hd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp2:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_desktop:12:sp3:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*', 'cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*', 'cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit:12:sp3:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-r7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-r7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-r8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-r8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a8_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a9_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a12_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a15_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a17_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a17:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*', 'cpe:2.3:a:pepperl-fuchs:visunet_rm_shell:-:*:*:*:*:*:*:*', 'cpe:2.3:o:pepperl-fuchs:btc12_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:pepperl-fuchs:btc12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:pepperl-fuchs:btc14_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:pepperl-fuchs:btc14:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc12_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc12_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc15_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc15_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc17_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc17_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_2001_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_2001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_3001_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_3001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc15_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc15_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc17_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc17_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_bpc_7001_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_bpc_7001:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc15_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc15_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_ppc17_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_ppc17_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_rackmount_2u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_rackmount_2u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl_rackmount_4u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl_rackmount_4u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_bpc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_bpc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_ppc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_ppc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_bpc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_bpc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_ppc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_ppc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_bpc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_bpc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:bl2_ppc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:bl2_ppc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:dl_ppc15_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:dl_ppc15_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:dl_ppc15m_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:dl_ppc15m_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:dl_ppc18.5m_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:dl_ppc18.5m_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:dl_ppc21.5m_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:dl_ppc21.5m_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:el_ppc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:el_ppc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:el_ppc_1000\\/wt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:el_ppc_1000\\/wt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:el_ppc_1000\\/m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:el_ppc_1000\\/m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:valueline_ipc_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:valueline_ipc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_bpc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_bpc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_bpc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_bpc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_ppc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_ppc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_bpc_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_bpc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_ppc_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_ppc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl_ipc_p7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl_ipc_p7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_bpc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_bpc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_bpc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_bpc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc_2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_bpc_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_bpc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc_3000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc_3000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_bpc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_bpc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc_7000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc_7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_bpc_9000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_bpc_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc_9000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc_9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc7_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc7_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc9_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc9_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:phoenixcontact:vl2_ppc12_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:phoenixcontact:vl2_ppc12_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1500_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1500_pro:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc1900_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc1900_pro:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itc2200_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itc2200_pro:v3:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:-:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp1:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_winac_rtx_\\(f\\)_2010_firmware:2010:sp2:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_winac_rtx_\\(f\\)_2010:-:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*', 'cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:-:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201312101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201312102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201312401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201312402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403209:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403210:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201403211:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201404401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201404402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201404403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201404420:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201406401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201407405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201409207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201410406:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201501405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201502401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201504201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201505101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201505401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201505402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201505403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201505404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509209:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509210:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509211:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509212:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201509213:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201510401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201512404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201601401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201602401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201608405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201609101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201609102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201609401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201609402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201609403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201612101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201612102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201612401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201612402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201703401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709103:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:5.5.0:550-201709403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*', 'cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-a78ae_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a78ae:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:neoverse_n1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:neoverse_n1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:neoverse_n2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:neoverse_n2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arm:cortex-x1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-x1:-:*:*:*:*:*:*:*']",2,0
CVE-2018-12163,Intel,0.00044,4.8,0.0,0.0,1.0,0.0,1,2018-09-12,1.0,2018-09-11,,,1.0,A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,LOW,LOW,LOW,MEDIUM,1.3,3.4,['CWE-427'],['cpe:2.3:a:intel:iot_developers_kit:4.0:*:*:*:*:*:*:*'],0,0
CVE-2018-12187,Intel,0.00124,7.5,0.0,0.0,0.0,1.0,1,2019-03-14,1.0,2019-03-12,,,1.0,"Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-12189,Intel,0.00044,4.4,0.0,0.0,0.0,1.0,1,2019-03-14,1.0,2019-03-12,,,1.0,"Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.",CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,0.8,3.6,['CWE-754'],"['cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:trusted_execution_engine_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-12205,Intel,0.00132,6.8,0.0,1.0,0.0,1.0,1,2019-03-14,1.0,2019-04-24,,,0.0,"Improper certificate validation in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core(tm) Processor, 7th Generation Intel(R) Core(tm) Processor may allow an unauthenticated user to potentially enable an escalation of privilege via physical access.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-295'],"['cpe:2.3:o:intel:platform_sample_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:platform_sample_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7020u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7640x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7740x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7800x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:silicon_reference_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:silicon_reference_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7020u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7640x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7740x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7800x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*']",0,0
CVE-2018-12207,Intel,0.00046,6.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,1.0,2019-11-12,,Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,MEDIUM,2.0,4.0,['CWE-20'],"['cpe:2.3:o:intel:core_i3-10110u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-10110y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-1005g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7167u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-5015u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-5015u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-5020u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-5020u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-5005u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-5005u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-5010u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-5010u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-5157u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-5157u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8700b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5\\+8500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5\\+8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5\\+8400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5\\+8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7300hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7300hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7267u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7267u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7260u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7260u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7440hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7440hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7287u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7287u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7360u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7360u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7200u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7200u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7y54_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7y54:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6350hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6200u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6300hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6287u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6267u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6260u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-5350h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-5350h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-5200u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-5200u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-5287u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-5287u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-5250u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-5250u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-5257u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-5257u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10710u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-1065g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9750h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9750h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7\\+8700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7\\+8700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820hk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7660u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7560u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7567u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7920hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7500u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6500u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6560u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5850hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5850hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5950hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5950hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5775c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5775c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5700hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5750hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5750hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5500u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5500u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5550u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5550u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-5557u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-5557u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m3-8100y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m3-7y30_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-7y30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m3-6y54_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-6y54:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m3-6y30_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-6y30:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y31_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y31:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y51_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y51:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y10c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y10_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y10a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y71_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y71:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y70_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m-5y10c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-10980xe_firmware:-:*:*:*:extreme:*:*:*', 'cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:extreme:*:*:*', 'cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10920x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10940x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9900x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9920x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9920x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9960x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9960x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9980xe_firmware:-:*:*:*:extreme:*:*:*', 'cpe:2.3:h:intel:core_i9-9980xe:-:*:*:*:extreme:*:*:*', 'cpe:2.3:o:intel:core_i9-9940x_x-series_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9940x_x-series:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-7960x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-7940x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-7980xe_firmware:-:*:*:*:extreme:*:*:*', 'cpe:2.3:h:intel:core_i9-7980xe:-:*:*:*:extreme:*:*:*', 'cpe:2.3:o:intel:core_i9-7920x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-7900x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7800x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5420t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5420t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5420_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_6405u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_5405u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_g5400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g5400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_4425y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_4425y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_4417u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_4417u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_4415u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_4415u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_4415y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_4415y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_gold_4410y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_4410y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4932e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4932e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4930t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4930e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4930_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4920_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4900t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3920_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3902e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3902e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3900te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3900e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3900t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1840t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1840t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1840_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1840:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1830_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1820te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1820te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1820t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1820t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1820_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1620t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1620t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1610t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1610t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g1610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g1610_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9221_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6234_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t_:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8855_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8855_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8860_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8867_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-2850_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-2850_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-2870_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-2870_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-2880_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-2880_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-2890_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-2890_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4860_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4860_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4870_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4870_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4890_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4890_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8850_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8850_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8857_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8857_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4880_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4880_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8895_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8895_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4655_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4660_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4667_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4669_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2698_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2683_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2670_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2670_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1630_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1680_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2623_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4657l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4657l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4607_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4607_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4657l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4657l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4603_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4603_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2420_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2420_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2440_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2440_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2403_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2403_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2430_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2430_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2450_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2450_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2430l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2430l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2450l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2450l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2470_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2470_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2407_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2407_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2670_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2670_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2609_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1230_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1280_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1225_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1275_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1270_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1245_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1535m_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505m_v6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1565l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1585l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1585_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1558l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1545m_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1575m_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1515m_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1235l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1280_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1230_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1245_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1270_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1225_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1260l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1275_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1268l_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505m_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1535m_v5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1265l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1265l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1285l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1285_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1241_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1241_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1231_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1231_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1276_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1276_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1281_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1281_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1246_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1246_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1271_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1271_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1226_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1226_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1230l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1225_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1265l_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1265l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1275_v3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2226g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2234_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2236_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2244g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2274g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2246g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2224_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2224g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2286g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2276g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2146g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2176g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2136_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2134_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2144g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2174g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2186g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2126g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2295_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2255_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2223_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2235_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3265m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3245m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3275m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3223_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3175x_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2175_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2133_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2155_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2123_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2145_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2125_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2135_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2195_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x7560_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x7560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l7555_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l7555:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x7550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x7550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l7545_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l7545:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x7542_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x7542:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x7460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x7460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l7455_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l7455:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l7445_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l7445:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7440_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7430_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7420_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x7350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x7350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l7345_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l7345:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7340_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7340:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7330_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7150n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7150n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7140n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7140n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7140m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7140m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7130n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7130n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7130m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7130m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7120n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7120n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7120m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7120m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7110n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7110n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7110m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7110m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7041_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7041:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7040_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7020_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_7030_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x6550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x6550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e6540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e6540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e6510_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5690_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5690:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5687_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5687:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5680_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5677_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5677:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5675_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5675:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5672_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5672:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5670_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5650_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5650:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5649_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5649:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5647_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5647:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5645_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5645:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5640_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5640_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5638_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5638:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5618_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5618:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5609_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5609:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5607_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5607:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5606_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5606:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5506_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5506:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5603_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5603:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w5590_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w5590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w5580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w5580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5570_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5560_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_ec5549_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_ec5549:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_ec5539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_ec5539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lc5528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lc5528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lc5518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lc5518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_ec5509_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_ec5509:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5507_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5507:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5506_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5506:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5504_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5504:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5503_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5503:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5502_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5502:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5492_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5492:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5482_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5482:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5472_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5472_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5472:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5470_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5462_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5462:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5440_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5430_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5430_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5420_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5420_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5408_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5408:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5405_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5365_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5365:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5355_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5355:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5345_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5345:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5335_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5335:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5335_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5335:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5318_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5318:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5272_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5272:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x5260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x5260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5205_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5205:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5160_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lv_5148_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lv_5148:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5140_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lv_5138_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lv_5138:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lv_5133_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lv_5133:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lv_5128_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lv_5128:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lv_5113_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lv_5113:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5080_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5080:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5070_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5063_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5063:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5060_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5050_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5040_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5030_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3690_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3690:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3680_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3670_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3670:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3570_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3565_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3565:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_ec3539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_ec3539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lc3528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lc3528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w3520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w3520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_lc3518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_lc3518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3480_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3470_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3470:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3450_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3450:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3440_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3440:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3430_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3430:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l3426_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l3426:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l3406_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l3406:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3380_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3380:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3370_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3360_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l3360_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l3360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3330_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_x3210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_x3210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l3110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l3110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3070_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3070:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3065_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3060_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3050_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3040_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_l3014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_l3014_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*']",0,0
CVE-2018-12211,Intel,0.00044,6.5,0.0,0.0,1.0,0.0,1,2019-03-14,1.0,2019-03-12,,,1.0,"Insufficient input validation in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,MEDIUM,2.0,4.0,['CWE-20'],"['cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*']",0,0
CVE-2018-12221,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,1,2019-03-14,1.0,2019-03-12,,,1.0,"Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*']",0,0
CVE-2018-12223,Intel,0.00044,6.3,0.0,0.0,1.0,0.0,1,2019-03-14,1.0,2019-03-12,,,1.0,"Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L,LOCAL,LOW,LOW,NONE,CHANGED,LOW,LOW,LOW,MEDIUM,2.0,3.7,['CWE-732'],"['cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*']",0,0
CVE-2018-18093,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,1,2018-12-14,1.0,2018-12-11,,,1.0,Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:a:intel:vtune_amplifier:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:vtune_amplifier:2018:update1:*:*:*:*:*:*', 'cpe:2.3:a:intel:vtune_amplifier:2018:update2:*:*:*:*:*:*', 'cpe:2.3:a:intel:vtune_amplifier:2018:update3:*:*:*:*:*:*']",0,0
CVE-2018-3615,Intel,0.00047,6.4,0.0,1.0,0.0,0.0,1,2018-08-14,1.0,2018-08-14,,,1.0,Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,LOW,NONE,MEDIUM,1.1,4.7,['CWE-203'],"['cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3627,Intel,0.00042,8.2,0.0,1.0,0.0,1.0,1,2018-07-10,1.0,2018-07-10,,,1.0,Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.5,6.0,['NVD-CWE-noinfo'],"['cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7020u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7101te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:7350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7y54:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7y57:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:7600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6700te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6770hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6785r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6822eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6870hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6920hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:6970hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9:8950hk:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2123:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2125:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2133:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2135:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2145:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2155:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2175:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w:2195:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3649,Intel,0.00062,7.8,0.0,1.0,0.0,1.0,1,2018-05-10,1.0,2018-02-05,,,1.0,"DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:h:intel:dual_band_wireless-ac_3160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_3160:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7260:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_3165:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-n_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-n_7265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_3168:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_17265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_17265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_8260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_18260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:dual_band_wireless-ac_8265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:tri-band_wireless-ac_18265:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9260:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9560:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9461:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:wireless-ac_9462:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3665,Intel,0.00074,5.6,0.0,1.0,0.0,0.0,1,2018-06-21,0.0,,1.0,2018-06-13,,System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N,LOCAL,HIGH,LOW,NONE,CHANGED,HIGH,NONE,NONE,MEDIUM,1.1,4.0,['CWE-200'],"['cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*', 'cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*', 'cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*', 'cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*']",0,0
CVE-2019-0114,Intel,0.00044,4.7,0.0,0.0,1.0,0.0,1,2019-05-17,1.0,2019-05-14,,,1.0,A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access.,CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.0,3.6,['CWE-362'],"['cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*']",0,0
CVE-2019-0115,Intel,0.00044,5.5,0.0,0.0,1.0,0.0,1,2019-05-17,1.0,2019-05-14,,,1.0,Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*', 'cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*']",0,0
CVE-2019-0145,Intel,0.00044,7.8,0.0,1.0,1.0,1.0,1,2019-11-14,1.0,2019-11-12,,,1.0,Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:o:intel:ethernet_controller_x710-tm4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_x710-tm4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_x710-at2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_x710-at2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_xxv710-am2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_xxv710-am2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_xxv710-am1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_xxv710-am1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_x710-bm2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_x710-bm2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_710-bm1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_710-bm1:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:ethernet_700_series_software:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*']",0,0
CVE-2019-0178,Intel,0.00044,3.6,0.0,0.0,1.0,0.0,1,2019-06-13,0.0,,1.0,2019-06-11,,Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N,LOCAL,HIGH,LOW,NONE,UNCHANGED,LOW,LOW,NONE,LOW,1.0,2.5,['CWE-522'],"['cpe:2.3:a:intel:open_cloud_integrity_tehnology:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:openattestation:-:*:*:*:*:*:*:*']",0,0
CVE-2019-0182,Intel,0.00044,3.3,0.0,0.0,1.0,0.0,1,2019-06-13,0.0,,1.0,2019-06-11,,Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-522'],"['cpe:2.3:a:intel:open_cloud_integrity_tehnology:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:openattestation:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11103,Intel,0.00044,7.8,0.0,0.0,0.0,1.0,1,2019-12-18,1.0,2019-11-12,,,1.0,"Insufficient input validation in firmware update software for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-12312,Intel,0.0007,6.8,0.0,1.0,1.0,1.0,1,2020-11-12,1.0,2020-11-10,,,1.0,Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.2 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:quartus_prime_pro:*:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:stratix_10_fpga_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:stratix_10_fpga:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12336,Intel,0.00044,7.8,0.0,1.0,0.0,1.0,1,2020-11-12,1.0,2020-11-10,,,1.0,Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-1188'],"['cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware:inwhl357.0036:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:inwhl357.0036:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_board_nuc8i3pnb_firmware:pnwhl357.0037:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnh_firmware:pnwhl357.0037:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_mini_pc_nuc8i3pnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_mini_pc_nuc8i3pnk_firmware:pnwhl357.0037:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:chaplcel.0049:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_kit_nuc9v7qnx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_kit_nuc9v7qnx_firmware:qncflx70.34:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_kit_nuc9vxqnx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_kit_nuc9vxqnx_firmware:qncflx70.34:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_h27002-400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_h27002-400_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_h27002-401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_h27002-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_h27002-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_h27002-402:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_h27002-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_h27002-404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_h27002-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_h27002-500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:chaplcel.0049:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-401_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-401:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-402_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-402:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-403_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-403:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-404_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-404:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-405_firmware:tybyt10h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_h26998-500_firmware:tybyt20h.86a:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_h26998-500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12357,Intel,0.00044,6.7,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-08,,,1.0,Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-665'],"['cpe:2.3:o:intel:bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6498du:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6785r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1524n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1563n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1573n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1581:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1587:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1612:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1205_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1578l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1607_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2408l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2418l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2428l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2438l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658a_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2670_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2679_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2685_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2689_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699r_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4648_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8855_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5117f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5119t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5219y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6122:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6129:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6137:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6143:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6162:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6269y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8174:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4106h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2102:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2104:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:aff_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:e-series_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:fas_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_cpu_1518-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_cpu_1518-4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8692,Intel,0.00044,6.7,0.0,1.0,0.0,0.0,1,2020-11-12,1.0,2020-11-10,,,1.0,Insufficient access control in the firmware of the Intel(R) Ethernet 700 Series Controllers before version 7.3 may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:intel:v710-at2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:v710-at2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:x710-tm4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:x710-tm4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:x710-at2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:x710-at2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xxv710-am2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xxv710-am2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xxv710-am1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xxv710-am1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:x710-bm2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:x710-bm2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xl710-bm2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xl710-bm2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xl710-bm1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xl710-bm1:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8698,Intel,0.00047,5.5,0.0,1.0,0.0,1.0,1,2020-11-12,1.0,2021-02-16,,,0.0,Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-668'],"['cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8704,Intel,0.00044,6.4,0.0,0.0,1.0,0.0,1,2021-06-09,1.0,2021-06-08,,,1.0,Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.5,5.9,['CWE-362'],"['cpe:2.3:a:intel:local_manageability_service:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0067,Intel,0.00044,6.7,0.0,1.0,0.0,1.0,1,2021-06-09,1.0,2021-06-08,,,1.0,&nbsp;Improper access control in system firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_m15_laptop_kit_lapbc710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_m15_laptop_kit_lapbc710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_compute_element_cm11ebc4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_compute_element_cm11ebc4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_compute_element_cm11ebi38w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_compute_element_cm11ebi38w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_compute_element_cm11ebi58w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_compute_element_cm11ebi58w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_compute_element_cm11ebi716w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_compute_element_cm11ebi716w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi50wa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi50wa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi70qa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi70qa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi30l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi30p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi50l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi50w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70l_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi70l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70q_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi70q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_enthusiast_kit_nuc11phki7c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnhf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnhf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i3fnk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i3fnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnhf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnhf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnhj_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnhj:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i5fnkp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i5fnkp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnhc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnhc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_kit_nuc10i7fnkp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_kit_nuc10i7fnkp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i3fnhfa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i3fnhfa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i3fnhja_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i3fnhja:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnhca_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnhca:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnhja_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnhja:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i5fnkpa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i5fnkpa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnhaa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnhaa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnhja_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnhja:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_10_performance_mini_pc_nuc10i7fnkpa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_10_performance_mini_pc_nuc10i7fnkpa:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_compute_element_nuc9v7qnb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_compute_element_nuc9v7qnb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_compute_element_nuc9vxqnb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_compute_element_nuc9vxqnb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_kit_nuc9v7qnx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_kit_nuc9v7qnx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_9_pro_kit_nuc9vxqnx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_9_pro_kit_nuc9vxqnx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_business\\,_a_mini_pc_with_windows_10_nuc8i7hnkqc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_business\\,_a_mini_pc_with_windows_10_nuc8i7hnkqc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_enthusiast\\,_a_mini_pc_with_windows_10_nuc8i7hvkva_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_enthusiast\\,_a_mini_pc_with_windows_10_nuc8i7hvkva:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_enthusiast\\,_a_mini_pc_with_windows_10_nuc8i7hvkvaw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_enthusiast\\,_a_mini_pc_with_windows_10_nuc8i7hvkvaw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_nuc8i7hnk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_nuc8i7hnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_nuc8i7hvk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_nuc8i7hvk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_compute_element_cm8ccb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_compute_element_cm8ccb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_compute_element_cm8i3cb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_compute_element_cm8i3cb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_compute_element_cm8i5cb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_compute_element_cm8i5cb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_compute_element_cm8i7cb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_compute_element_cm8i7cb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_compute_element_cm8pcb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_compute_element_cm8pcb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_board_nuc8i3pnb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_board_nuc8i3pnb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_pro_kit_nuc8i3pnk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_pro_kit_nuc8i3pnk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i5inh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i5inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_kit_nuc8i7inh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_kit_nuc8i7inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i5inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_8_mainstream-g_mini_pc_nuc8i7inh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_7_essential\\,_a_mini_pc_with_windows_10_nuc7cjysal_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_7_essential\\,_a_mini_pc_with_windows_10_nuc7cjysal:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_nuc7cjyh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_nuc7cjyh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_nuc7pjyh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_nuc7pjyh:-:*:*:*:*:*:*:*']",0,0
CVE-2021-26313,Intel,0.00053,5.5,0.0,1.0,0.0,0.0,1,2021-06-09,0.0,,0.0,,,"Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,"['CWE-203', 'CWE-208']","['cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*', 'cpe:2.3:h:amd:ryzen_5_5600x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amd:ryzen_7_2700x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:amd:ryzen_threadripper_2990wx:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:bcm2711:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*']",0,0
CVE-2021-33069,Intel,0.00044,5.5,0.0,1.0,0.0,1.0,1,2022-05-12,1.0,2022-05-10,,,1.0,"Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access.

",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-404'],"['cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-33074,Intel,0.00064,4.6,0.0,1.0,0.0,1.0,1,2022-05-12,1.0,2022-05-10,,,1.0,"Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:h:intel:optane_ssd_dc_p4800x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_dc_p4800x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_dc_p4801x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_dc_p4801x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_p5800x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_p5800x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_memory_h20_with_solid_state_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_memory_h20_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_memory_h10_with_solid_state_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_memory_h10_with_solid_state_storage_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_905p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_905p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:optane_ssd_900p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:optane_ssd_900p_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-33126,Intel,0.00044,4.4,0.0,1.0,0.0,1.0,1,2022-08-18,1.0,2022-08-09,,,1.0,Improper access control in the firmware for some Intel(R) 700 and 722 Series Ethernet Controllers and Adapters before versions 8.5 and 1.5.5 may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:intel:ethernet_controller_xxv710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_xxv710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_xl710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_xl710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_v710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_v710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_controller_x710_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_x710:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_network_adapter_x722da2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_network_adapter_x722da2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_network_adapter_x722da4fh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_network_adapter_x722da4fh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ethernet_network_adapter_x722da4g1p5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_network_adapter_x722da4g1p5:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44228,Intel,0.96763,10.0,1.0,0.0,1.0,0.0,1,2021-12-10,1.0,2021-12-23,,,0.0,"Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,"['CWE-20', 'CWE-917']","['cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*', 'cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*', 'cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*', 'cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*', 'cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*', 'cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*', 'cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*', 'cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*', 'cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*', 'cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*', 'cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*', 'cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_communications_manager_im_\\&_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*', 'cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*', 'cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*', 'cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*', 'cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*', 'cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*']",3,0
CVE-2022-34152,Intel,0.00044,6.7,0.0,1.0,0.0,1.0,1,2022-11-11,1.0,2022-11-08,,,1.0,"Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-20'],"['cpe:2.3:o:intel:nuc_board_de3815tybe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_board_de3815tybe:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:nuc_kit_de3815tykhe_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:nuc_kit_de3815tykhe:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5696,Intel,0.0007,7.8,0.0,0.0,1.0,0.0,0,2018-01-18,1.0,2018-01-16,,,1.0,"Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],"['cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*']",0,0
CVE-2017-5727,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2018-02-02,1.0,2018-01-30,,,1.0,"Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.",CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-476'],"['cpe:2.3:a:intel:graphics_driver:15.40.1.64.4256:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.4.64.4256:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.7.64.4279:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.14.4352:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.26.4474:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.46.02.4729:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:15.46.05.4771:*:*:*:*:*:*:*']",0,0
CVE-2018-12173,Intel,0.0013,7.6,0.0,1.0,0.0,1.0,0,2018-10-10,1.0,2018-10-09,,,1.0,"Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,0.9,6.0,['CWE-732'],"['cpe:2.3:o:intel:server_board_s2600bp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600bp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_board_s2600wf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600wf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_board_s2600st_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600st:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_board_s2600bpr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600bpr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_board_s2600wfr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600wfr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_board_s2600str_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_s2600str:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:compute_module_hns2600bp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:compute_module_hns2600bp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:compute_module_hns2600bpr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:compute_module_hns2600bpr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_r2000wf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_r2000wf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_r1000wf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_r1000wf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_r1000wfr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_r1000wfr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_r2000wfr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_r2000wfr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_h2000g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_h2000g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:server_system_h2000gr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_system_h2000gr:-:*:*:*:*:*:*:*']",0,0
CVE-2018-12174,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2018-11-14,1.0,2018-11-13,,,1.0,Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],['cpe:2.3:a:intel:parallel_studio_xe:2018:3:*:*:*:*:*:*'],0,0
CVE-2018-12177,Intel,0.00044,7.8,0.0,1.0,1.0,0.0,0,2019-01-10,1.0,2019-01-08,,,1.0,Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:h:intel:dual_band_wireless-ac_3160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7260_for_desktop:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265\\(rev_c\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8265_desktop_kit:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265_\\(rev_c\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_17265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:tri-band_wireless-ac_18265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265_\\(rev_c\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-n_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:proset\\/wireless_software:*:*:*:*:*:*:*:*']",0,0
CVE-2018-3611,Intel,0.00086,6.5,0.0,0.0,1.0,0.0,0,2018-05-15,0.0,,1.0,2018-05-14,,Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*']",0,0
CVE-2018-3641,Intel,0.00212,9.8,0.0,1.0,0.0,1.0,0,2018-04-03,0.0,,1.0,2018-04-03,,Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:intel:remote_keyboard_mobile_app:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:remote_keyboard:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3661,Intel,0.00042,5.5,0.0,0.0,1.0,0.0,0,2018-05-15,1.0,2018-05-15,,,1.0,Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-119'],"['cpe:2.3:a:intel:syscfg:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:selview:*:*:*:*:*:*:*:*']",0,0
CVE-2018-3686,Intel,0.00044,6.7,0.0,0.0,1.0,0.0,0,2018-09-12,1.0,2018-09-11,,,1.0,Code injection vulnerability in INTEL-SA-00086 Detection Tool before version 1.2.7.0 may allow a privileged user to potentially execute arbitrary code via local access.,CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-94'],['cpe:2.3:a:intel:sa-00086_detection_tool:*:*:*:*:*:*:*:*'],0,0
CVE-2019-0127,Intel,0.00042,3.9,0.0,0.0,1.0,0.0,0,2019-02-18,1.0,2019-02-12,,,1.0,Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.,CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,LOW,0.3,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:openvino:2018:r1.1:*:*:*:*:*:*', 'cpe:2.3:a:intel:openvino:2018:r1.2:*:*:*:*:*:*', 'cpe:2.3:a:intel:openvino:2018:r2:*:*:*:*:*:*', 'cpe:2.3:a:intel:openvino:2018:r3:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*']",0,0
CVE-2019-0134,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2019-12-16,1.0,2019-12-10,,,1.0,Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-276'],['cpe:2.3:a:intel:dynamic_platform_and_thermal_framework:*:*:*:*:*:*:*:*'],0,0
CVE-2019-0158,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2019-04-17,1.0,2019-04-09,,,1.0,Insufficient path checking in the installation package for Intel(R) Graphics Performance Analyzer for Linux version 18.4 and before may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:intel:graphics_performance_analyzer:*:*:*:*:*:linux:*:*'],0,0
CVE-2019-11135,Intel,0.00065,6.5,0.0,1.0,0.0,1.0,0,2019-11-14,1.0,2020-09-29,,,0.0,TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE,MEDIUM,2.0,4.0,['NVD-CWE-noinfo'],"['cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:a:slackware:slackware:14.2:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:apollo_4200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_4200:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:apollo_2000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_bl460c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_bl460c:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl580_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl580:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl560_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl560:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl380_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl380:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl360:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl180_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl180:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl160:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl120_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl120:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_dl20_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_dl20:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_ml350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_ml350:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_ml110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_ml110:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_ml30_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_ml30:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_xl450_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_xl450:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_xl270d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_xl270d:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_xl230k_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_xl230k:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_xl190r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_xl190r:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_xl170r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_xl170r:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:synergy_480_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:synergy_480:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:synergy_660_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:synergy_660:gen10:*:*:*:*:*:*:*', 'cpe:2.3:o:hp:proliant_e910_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:proliant_e910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10110y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_m3-8100y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8253_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8256_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8260m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8260m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8260y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8268_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8276_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8276l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8276m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8276m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8280l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_8280m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_8280m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_9220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_9220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_9221_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_9222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_9242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_9282_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5215l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5215m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5215m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5215r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5215r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5217_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5218_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5218b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5218n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5218t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5220r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5220s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5220t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_5222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6222v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6226_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6230n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6230t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6234_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6238l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6238m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6238m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6238t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6240m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6240m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6240y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6246_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6248_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6252_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6252n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6254_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_6262v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4208_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4208r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4208r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4209t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4210r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4210r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4214c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4214c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4214r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4214r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4214y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4216_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_4216r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_4216r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_3206r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_3206r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3275m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3265m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3245m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3235_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-3223_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2295_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2255_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2235_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_w-2223_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9980hk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9880h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9750hf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9900k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i9-9900kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2286m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2278gel_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2278ge_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:pentium_6405u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_6405u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_5305u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8365u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:codeready_linux_builder_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:codeready_linux_builder_eus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*', 'cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*']",0,0
CVE-2019-11137,Intel,0.00044,8.2,0.0,1.0,0.0,1.0,0,2019-11-14,1.0,2019-11-12,,,1.0,"Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.5,6.0,['CWE-20'],"['cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8274_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8284_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8170_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8180_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6136_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6152_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6128_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5118_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6134_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5115_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6154_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6132_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6142f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6146_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6144_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4116_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4109t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4114_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4112_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4108_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8894_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3336_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3708_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3808_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3858_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3830_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3955_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3958_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2738_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2738:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2718_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2718:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2358_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2358:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2730_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2516_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2516:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2316_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2316:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen10_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl270d_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230k_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_e910_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_660_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl660c_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen9_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl80_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl60_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl730f_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl250a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_680_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_620_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml150_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ws460c_gen9_graphics_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11156,Intel,0.00042,7.8,0.0,1.0,1.0,0.0,0,2019-11-14,1.0,2019-11-12,,,1.0,"Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:dual_band_wireless-n_7265_\\(rev_d\\):-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*']",0,0
CVE-2019-11166,Intel,0.00044,6.7,0.0,0.0,1.0,0.0,0,2019-09-16,1.0,2019-09-10,,,1.0,Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1.0731 may allow an authenticated user to potentially enable escalation of privilege via local attack.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-732'],['cpe:2.3:a:intel:easy_streaming_wizard:*:*:*:*:*:*:*:*'],0,0
CVE-2019-14615,Intel,0.001,5.5,0.0,1.0,0.0,1.0,0,2020-01-17,1.0,2020-01-29,,,0.0,Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3805:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3815:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3825:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3826:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3827:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3845:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e620t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e640t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e660:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e660t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e680:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e680t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3130:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3200rk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3230rk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3405:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3445:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x7-z8700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2460:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2480:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2520:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2760:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3460:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3480:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3530:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3570:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3590:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3736f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3736g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3740:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3740d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3745:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3745d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3770:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3770d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3775:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3775d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:j4005:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:j4105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:n4000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:n4100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1585_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1585l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1585l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1578l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1578l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1575m:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1575m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1565l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1565l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1558l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1558l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1545m:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1545m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1535m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1515m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1515m:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1268l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1268l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1260l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1235l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1235l:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220:5:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1535m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1535m:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505m:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1505l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1505l:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1501l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501l:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1501m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1501m:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1285_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1285:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1280:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1275_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1275:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1270:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1245_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1245:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1240:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1230:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1225_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1225:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e3-1220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e3-1220:6:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6102e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6102e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6157u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6157u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6100te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6100te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6006u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6006u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-6098p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-6098p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6685r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6685r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6585r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6585r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6500te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6500te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6402p_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6402p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6440eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6440eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6440hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6440hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6442eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6442eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6360u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6360u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6350hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6300hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6300u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6300u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6200u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6260u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6267u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-6287u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6920hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6822eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6820hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6820eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6785r_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6785r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6660u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6650u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6600u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6560u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-6500u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8365ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8365u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8279u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8257u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8665ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8557u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8850h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8569u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8145ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8365ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8365u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8279u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8257u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8665ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8557u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8850h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8569u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8145ue_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7130u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7130u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7102e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7102e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7101e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7101e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7101te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7101te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7167u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7100h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-7020u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-7020u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7442eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7442eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7440hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7440hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7440eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7440eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7360u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7360u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7300u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7300u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7300hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7300hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7287u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7287u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7267u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7267u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7260u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7260u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7200u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7200u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7y54_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7y54:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-7y57_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-7y57:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7920hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820hk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7820eq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700hq_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7660u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7600u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7567u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7560u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7500u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-7y75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1035g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1030g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-1030g4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-10110u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-10110y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-1000g4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-1000g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-1005g1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10710u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-1065g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-1060g7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9350kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9350kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9350k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9350k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9300t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9300t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100hl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100hl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i3-9100_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9850hl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850hl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9850he_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850he:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9750hf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9750h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9750h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i7-9700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600kf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500te_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500te:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9300hf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9300hf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2186g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2176g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2146g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2126g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2144g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2174g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2134_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2136_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2286g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2276g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2246g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2236_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2226g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2274g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2244g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2234_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2224g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e-2224_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3805_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3805:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3815_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3815:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3825_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3825:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3826_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3826:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3827_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3827:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e3845_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e3845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e620_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e620t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e620t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e640_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e640:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e640t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e640t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e660_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e660:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e660t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e660t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e680_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e680:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_e680t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_e680t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x3-c3130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x3-c3200rk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3200rk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x3-c3230rk_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3230rk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x3-c3405_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x3-c3445_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x3-c3445:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x5-z8300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8300:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x5-z8330_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x5-z8500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x5-z8500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_x7-z8700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x7-z8700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2420_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2420:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2480_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2560_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z2760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z2760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3480_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3480:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3560_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3570_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3570:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3580:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3590_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3590:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3735d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3735e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3735f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3735g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3735g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3736f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3736f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3736g_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3736g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3740_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3740d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3740d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3745_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3745:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3745d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3745d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3770_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3770:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3770d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3770d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3775_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3775:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3775d_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3775d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3785_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3785:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_z3795_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_z3795:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:j4005:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:j4105:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:n4000:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron:n4100:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3930t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3930t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g3950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g3950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4900t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4920_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4930_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4930t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4930t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_g4950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j1750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j1800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j1850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j1900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j3355e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j4025_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_j4125_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2805_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2806_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2807_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2808_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2810_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2815_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2820_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2910_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n2920_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3010_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3050_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3060_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3160_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n3350e_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n4020_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:celeron_n4120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*']",0,0
CVE-2020-0502,Intel,0.00044,5.3,0.0,0.0,1.0,0.0,0,2020-03-12,1.0,2020-06-12,,,0.0,Improper access control in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW,MEDIUM,1.8,3.4,['NVD-CWE-noinfo'],['cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*'],0,0
CVE-2020-0504,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-03-12,1.0,2020-03-17,,,0.0,"Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*']",0,0
CVE-2020-0517,Intel,0.00044,5.3,0.0,0.0,1.0,0.0,0,2020-03-12,1.0,2020-03-10,,,1.0,Out-of-bounds write in Intel(R) Graphics Drivers before version 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,LOW,LOW,MEDIUM,1.8,3.4,['CWE-787'],['cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:*:*:*'],0,0
CVE-2020-0555,Intel,0.00044,7.8,0.0,1.0,0.0,1.0,0,2020-08-13,1.0,2020-08-11,,,1.0,Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:o:intel:ax201_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ax200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_9462_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_9461_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_3168_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_7265_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:ac_3165_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*']",0,0
CVE-2020-0561,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-02-13,1.0,2020-02-11,,,1.0,Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-665'],"['cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*']",0,0
CVE-2020-0583,Intel,0.00044,8.8,0.0,1.0,1.0,0.0,0,2020-03-12,1.0,2020-03-10,,,1.0,"Improper access control in the subsystem for Intel(R) Smart Sound Technology may allow an authenticated user to potentially enable escalation of privilege via local access. This affects Intel® Smart Sound Technology before versions: 10th Generation Intel® Core™ i7 Processors, version 3431 and 8th Generation Intel® Core™ Processors, version 3349.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,2.0,6.0,['NVD-CWE-noinfo'],"['cpe:2.3:h:intel:core_i7:1060g7:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:1065g7:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:10510u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:10510y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:10710u:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:smart_sound_technology:3431:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8145ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8210y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8257u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8365u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8365ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8557u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8569u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8665u:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8665ue:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9:8950hk:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3:8100y:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:smart_sound_technology:3349:*:*:*:*:*:*:*']",0,0
CVE-2020-0598,Intel,0.00063,7.8,0.0,0.0,1.0,0.0,0,2020-04-15,0.0,,1.0,2020-04-14,,"Uncontrolled search path in the installer for the Intel(R) Binary Configuration Tool for Windows, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-426'],['cpe:2.3:a:intel:binary_configuration_tool:*:*:*:*:*:windows:*:*'],0,0
CVE-2020-12301,Intel,0.00044,8.2,0.0,1.0,0.0,1.0,0,2020-08-13,1.0,2020-08-11,,,1.0,"Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.5,6.0,['CWE-665'],"['cpe:2.3:o:intel:s2600wftr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600wftr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600wf0r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600wf0r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600wfqr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600wfqr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600bpsr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600bpsr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600bpbr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600bpbr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600bpqr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600bpqr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600stqr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600stqr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:s2600stbr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:s2600stbr:-:*:*:*:*:*:*:*']",0,0
CVE-2020-24458,Intel,0.00044,5.2,0.0,1.0,1.0,0.0,0,2021-02-17,1.0,2021-02-09,,,1.0,Incomplete cleanup in some Intel(R) PROSet/Wireless WiFi and Killer (TM) drivers before version 22.0 may allow a privileged user to potentially enable information disclosure and denial of service<b>&nbsp;</b>via adjacent access.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,LOW,MEDIUM,0.9,4.2,['CWE-459'],"['cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*', 'cpe:2.3:a:intel:killer:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*']",0,0
CVE-2020-24482,Intel,0.0011,7.5,0.0,1.0,0.0,0.0,0,2021-02-17,1.0,2021-02-09,,,1.0,Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before UDE version 9.4.370 may allow unauthenticated user to potentially enable denial of service via network access.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:intel:xmm_7360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xmm_7360_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8675,Intel,0.0007,6.8,0.0,1.0,0.0,0.0,0,2020-06-15,1.0,2020-06-09,,,1.0,Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:intel:innovation_engine:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:innovation_engine_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8684,Intel,0.00044,6.7,0.0,1.0,1.0,0.0,0,2020-08-13,1.0,2020-08-11,,,1.0,Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:intel:acceleration_stack:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:programmable_acceleration_card_with_arria_10_gx_fpga:-:*:*:*:*:*:*:*']",0,0
CVE-2020-8702,Intel,0.00044,7.3,0.0,0.0,1.0,0.0,0,2021-06-09,1.0,2021-06-08,,,1.0,Uncontrolled search path element in the Intel(R) Processor Diagnostic Tool before version 4.1.5.37 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.3,5.9,['CWE-427'],['cpe:2.3:a:intel:processor_diagnostic_tool:*:*:*:*:*:*:*:*'],0,0
CVE-2021-0055,Intel,0.00044,7.8,0.0,1.0,0.0,1.0,0,2021-06-09,1.0,2021-06-08,,,1.0,Insecure inherited permissions for some Intel(R) NUC 9 Extreme Laptop Kit LAN Drivers before version 10.42 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:o:intel:lapqc71a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:lapqc71a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:lapqc71b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:lapqc71b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:lapqc71c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:lapqc71c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:lapqc71d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:lapqc71d:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0077,Intel,0.00044,7.8,0.0,0.0,1.0,0.0,0,2021-06-09,1.0,2021-06-08,,,1.0,Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],['cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*'],0,0
CVE-2021-0113,Intel,0.00062,6.5,0.0,1.0,0.0,0.0,0,2021-06-09,1.0,2021-06-08,,,1.0,"Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],"['cpe:2.3:o:intel:efi_bios_7215:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:server_board_m10jnp2sb:-:*:*:*:*:*:*:*']",0,0
CVE-2022-0001,Intel,0.00048,6.5,0.0,1.0,0.0,0.0,0,2022-03-11,0.0,,1.0,2022-08-03,,Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,CHANGED,HIGH,NONE,NONE,MEDIUM,2.0,4.0,['NVD-CWE-noinfo'],"['cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g6900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_g6900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-1220p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1240p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-1250p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1260p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1270p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-1280p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d1700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*', 'cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*']",0,0
CVE-2022-28709,Intel,0.00044,4.4,0.0,1.0,0.0,1.0,0,2022-08-18,1.0,2022-08-18,,,1.0,Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:intel:ethernet_controller_e810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:ethernet_controller_e810:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5900,Netcomm,0.00081,5.4,0.0,1.0,0.0,1.0,1,2017-03-29,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in the NetComm NB16WV-02 router with firmware NB16WV_R0.09 allows remote authenticated users to inject arbitrary web script or HTML via the S801F0334 parameter to hdd.htm.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:netcomm:nb16wv-02:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netcomm:nb16wv-02_firmware:nb16wv_r0.09:*:*:*:*:*:*:*']",0,0
CVE-2018-14782,Netcomm,0.00098,7.5,0.0,1.0,0.0,1.0,1,2018-08-10,1.0,2018-08-09,,,1.0,NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-287', 'CWE-200']","['cpe:2.3:o:netcommwireless:nwl-25_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netcommwireless:nwl-25:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14783,Netcomm,0.00095,8.8,0.0,1.0,0.0,1.0,1,2018-08-10,1.0,2018-08-09,,,1.0,"NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:netcommwireless:nwl-25_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netcommwireless:nwl-25:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14784,Netcomm,0.00069,6.1,0.0,1.0,0.0,1.0,1,2018-08-10,1.0,2018-08-09,,,1.0,"NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:netcommwireless:nwl-25_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netcommwireless:nwl-25:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14785,Netcomm,0.001,7.5,0.0,1.0,0.0,1.0,1,2018-08-10,1.0,2018-08-09,,,1.0,NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-200', 'CWE-548']","['cpe:2.3:o:netcommwireless:nwl-25_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:netcommwireless:nwl-25:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6297,Mikrotik,0.00173,5.9,0.0,0.0,0.0,1.0,1,2017-02-27,0.0,,1.0,2017-02-23,,"The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and obtaining the L2TP secret.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-311'],"['cpe:2.3:o:mikrotik:routeros:6.37.4:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.83.3:*:*:*:*:*:*:*']",0,0
CVE-2017-6444,Mikrotik,0.01557,7.5,1.0,1.0,0.0,1.0,1,2017-03-12,0.0,,0.0,,,"The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:mikrotik:routeros:6.25:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:router_hap_lite:-:*:*:*:*:*:*:*']",1,0
CVE-2017-7285,Mikrotik,0.01187,7.5,1.0,0.0,0.0,1.0,1,2017-03-29,0.0,,0.0,,,"A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],['cpe:2.3:o:mikrotik:routeros:6.38.5:*:*:*:*:*:*:*'],1,0
CVE-2017-8338,Mikrotik,0.00934,7.5,0.0,0.0,0.0,1.0,1,2017-05-18,0.0,,0.0,,,"A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],['cpe:2.3:o:mikrotik:routeros:6.38.5:*:*:*:*:*:*:*'],0,0
CVE-2018-1156,Mikrotik,0.02262,8.8,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-08-22,,,1.0,Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*']",0,0
CVE-2018-1158,Mikrotik,0.00511,6.5,0.0,0.0,0.0,1.0,1,2018-08-23,1.0,2018-08-22,,,1.0,Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-674'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*']",0,0
CVE-2018-14847,Mikrotik,0.97442,9.1,1.0,0.0,0.0,1.0,1,2018-08-02,0.0,,0.0,,,MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-22'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],1,0
CVE-2018-5951,Mikrotik,0.00115,7.5,0.0,0.0,0.0,1.0,1,2020-03-02,0.0,,0.0,,,An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2018-7445,Mikrotik,0.82209,9.8,1.0,0.0,0.0,1.0,1,2018-03-19,1.0,2018-03-12,,,1.0,"A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc11:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc12:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc14:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc15:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc18:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc2:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc20:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc23:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc24:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc27:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc5:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc6:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.4.2:rc9:*:*:*:*:*:*']",1,0
CVE-2019-13954,Mikrotik,0.00078,6.5,0.0,0.0,0.0,1.0,1,2019-07-26,1.0,2019-07-20,,,1.0,"Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to memory exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system. Malicious code cannot be injected.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-770'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.45:*:*:*:*:*:*:*']",0,0
CVE-2019-13955,Mikrotik,0.00078,6.5,0.0,0.0,0.0,1.0,1,2019-07-26,1.0,2019-07-20,,,1.0,"Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable to stack exhaustion. By sending a crafted HTTP request, an authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Malicious code cannot be injected.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-674'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.45:*:*:*:*:*:*:*']",0,0
CVE-2019-16160,Mikrotik,0.00635,7.5,0.0,0.0,0.0,1.0,1,2020-10-07,1.0,2019-08-26,,,1.0,An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-191'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2019-3943,Mikrotik,0.00779,8.1,0.0,0.0,0.0,1.0,1,2019-04-10,1.0,2019-02-13,,,1.0,"MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files outside of the sandbox directory (/rw/disk).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,"['CWE-22', 'CWE-23']","['cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc31:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc32:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc34:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc37:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc38:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc44:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc47:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc50:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc52:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc56:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc61:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.41:rc66:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc11:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc12:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc14:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc15:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc18:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc2:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc20:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc23:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc24:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc27:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc28:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc30:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc35:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc37:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc39:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc41:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc43:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc46:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc48:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc49:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc5:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc52:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc56:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc6:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.42:rc9:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc11:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc12:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc14:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc17:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc19:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc21:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc23:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc27:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc29:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc3:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc32:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc34:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc4:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc40:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc42:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc44:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc45:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc5:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc51:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc56:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc6:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc64:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc66:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.43:rc7:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta14:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta17:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta20:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta28:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta39:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta40:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta50:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta54:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta6:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta61:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta75:*:*:testing:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.44:beta9:*:*:testing:*:*:*']",0,0
CVE-2019-3976,Mikrotik,0.00128,8.8,0.0,0.0,0.0,1.0,1,2019-10-29,1.0,2019-10-28,,,1.0,"RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulnerable to an arbitrary directory creation vulnerability via the upgrade package's name field. If an authenticated user installs a malicious package then a directory could be created and the developer shell could be enabled.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-22', 'CWE-23']","['cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*']",0,0
CVE-2019-3978,Mikrotik,0.01228,7.5,1.0,0.0,0.0,1.0,1,2019-10-29,1.0,2019-10-28,,,1.0,"RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:-:*:*:*']",1,0
CVE-2020-10364,Mikrotik,0.00819,7.5,0.0,1.0,0.0,1.0,1,2020-03-23,0.0,,0.0,,,"The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-770'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1009-7g-1c-1s\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1009-7g-1c-1s\\+pc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1009-7g-1c-pc:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1016-12g:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1016-12s-1s\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1036-12g-4s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1036-12g-4s-em:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1036-8g-2s\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1036-8g-2s\\+em:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:ccr1072-1g-8s\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:hex:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:hex_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:hex_poe:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:hex_poe_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:hex_s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:powerbox:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:powerbox_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb1100ahx4:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb1100ahx4:-:*:dude:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb2011il-in:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb2011il-rm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb2011ils-in:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb2011uias-in:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb2011uias-rm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb3011uias-rm:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mikrotik:rb4011igs\\+rm:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13118,Mikrotik,0.0278,9.8,1.0,0.0,1.0,0.0,1,2020-05-16,0.0,,0.0,,,An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],['cpe:2.3:a:mikrotik-router-monitoring-system_project:mikrotik-router-monitoring-system:*:*:*:*:*:*:*:*'],1,0
CVE-2020-20212,Mikrotik,0.00144,6.5,0.0,0.0,0.0,1.0,1,2021-07-07,0.0,,0.0,,,Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],['cpe:2.3:o:mikrotik:routeros:6.44.5:*:*:*:ltr:*:*:*'],0,0
CVE-2020-20213,Mikrotik,0.00365,6.5,0.0,0.0,0.0,1.0,1,2021-07-07,1.0,2021-05-04,,,1.0,Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaustion vulnerability in the /nova/bin/net process. An authenticated remote attacker can cause a Denial of Service due to overloading the systems CPU.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-674'],['cpe:2.3:o:mikrotik:routeros:6.44.5:*:*:*:ltr:*:*:*'],0,0
CVE-2020-20214,Mikrotik,0.00411,6.5,0.0,0.0,0.0,1.0,1,2021-05-18,0.0,,0.0,,,Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-617'],['cpe:2.3:o:mikrotik:routeros:6.44.6:*:*:*:ltr:*:*:*'],0,0
CVE-2020-20216,Mikrotik,0.00142,6.5,0.0,0.0,0.0,1.0,1,2021-07-07,1.0,2021-05-04,,,1.0,Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],['cpe:2.3:o:mikrotik:routeros:6.44.6:*:*:*:ltr:*:*:*'],0,0
CVE-2020-20219,Mikrotik,0.00201,6.5,0.0,0.0,0.0,1.0,1,2021-07-21,1.0,2021-05-04,,,1.0,Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],['cpe:2.3:o:mikrotik:routeros:6.44.6:*:*:*:ltr:*:*:*'],0,0
CVE-2020-20252,Mikrotik,0.00201,6.5,0.0,0.0,0.0,1.0,1,2021-07-13,1.0,2020-06-02,,,1.0,Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2020-20265,Mikrotik,0.0014,6.5,0.0,0.0,0.0,1.0,1,2021-05-11,1.0,2021-05-05,,,1.0,Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2020-5720,Mikrotik,0.00072,5.9,0.0,0.0,0.0,1.0,1,2020-02-06,1.0,2020-02-06,,,1.0,MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has write permissions. WinBox is vulnerable to this attack if it connects to a malicious endpoint or if an attacker mounts a man in the middle attack.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.2,3.6,['CWE-22'],['cpe:2.3:o:mikrotik:winbox:*:*:*:*:*:*:*:*'],0,0
CVE-2017-20149,Mikrotik,0.00405,9.8,0.0,0.0,0.0,1.0,0,2022-10-15,1.0,2017-09-28,,,1.0,"The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:mikrotik:routeros:*:*:*:*:ltr:*:*:*', 'cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*']",0,0
CVE-2020-22844,Mikrotik,0.00109,7.5,0.0,0.0,0.0,1.0,0,2022-02-28,1.0,2020-07-17,,,1.0,A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted SMB requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-401'],['cpe:2.3:o:mikrotik:routeros:6.47:*:*:*:*:*:*:*'],0,0
CVE-2020-22845,Mikrotik,0.00109,7.5,0.0,0.0,0.0,1.0,0,2022-02-28,1.0,2020-07-17,,,1.0,A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],['cpe:2.3:o:mikrotik:routeros:6.47:*:*:*:*:*:*:*'],0,0
CVE-2021-36613,Mikrotik,0.00103,6.5,0.0,0.0,0.0,1.0,0,2022-05-11,1.0,2022-05-30,,,0.0,Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the ptp process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2021-36614,Mikrotik,0.00103,6.5,0.0,0.0,0.0,1.0,0,2022-05-11,1.0,2022-05-30,,,0.0,Mikrotik RouterOs before stable 6.48.2 suffers from a memory corruption vulnerability in the tr069-client process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2021-41987,Mikrotik,0.00385,8.1,0.0,0.0,0.0,1.0,0,2022-03-16,0.0,,0.0,,,"In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-787'],"['cpe:2.3:o:mikrotik:routeros:6.46.8:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.47.9:*:*:*:*:*:*:*', 'cpe:2.3:o:mikrotik:routeros:6.47.10:*:*:*:*:*:*:*']",0,0
CVE-2022-34960,Mikrotik,0.00326,9.8,0.0,0.0,0.0,1.0,0,2022-08-25,1.0,2022-08-05,,,1.0,"The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-59'],['cpe:2.3:o:mikrotik:routeros:7.4:beta4:*:*:-:*:*:*'],0,0
CVE-2022-36522,Mikrotik,0.00066,6.5,0.0,0.0,0.0,1.0,0,2022-08-26,0.0,,0.0,,,Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-617'],['cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*'],0,0
CVE-2017-6552,Sagemcom,0.02453,7.5,1.0,1.0,0.0,1.0,1,2017-03-09,0.0,,0.0,,,"Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:o:sagemcom:livebox_firmware:5.15.8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:livebox:-:*:*:*:*:*:*:*']",1,0
CVE-2019-19494,Sagemcom,0.15168,8.8,0.0,1.0,0.0,1.0,1,2020-01-09,0.0,,0.0,,,"Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-120'],"['cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:3.428.0:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:4.83.0:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3686:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:cg3700emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:cg3700emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.03:*:*:*:*:*:*:*', 'cpe:2.3:o:netgear:c6250emr_firmware:2.01.05:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:c6250emr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:technicolor:tc7230_steb_firmware:01.25:*:*:*:*:*:*:*', 'cpe:2.3:h:technicolor:tc7230_steb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7284e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7284e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:compal:7486e_firmware:5.510.5.11:*:*:*:*:*:*:*', 'cpe:2.3:h:compal:7486e:-:*:*:*:*:*:*:*']",0,0
CVE-2020-24034,Sagemcom,0.0106,8.8,0.0,1.0,0.0,1.0,1,2020-09-01,0.0,,0.0,,,"Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-502'],"['cpe:2.3:h:sagemcom:f\\@st_5280_router:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_5280_router_firmware:1.150.61:*:*:*:*:*:*:*']",0,0
CVE-2019-9555,Sagemcom,0.00084,5.3,0.0,1.0,0.0,1.0,0,2019-03-05,0.0,,1.0,2019-03-04,,"Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-331'],"['cpe:2.3:o:sagemcom:f\\@st_5260_firmware:0.4.39:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_5260:-:*:*:*:*:*:*:*']",0,0
CVE-2020-21733,Sagemcom,0.00178,6.1,0.0,1.0,0.0,1.0,0,2020-09-14,0.0,,0.0,,,"Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:sagemcom:f\\@st_3686_firmware:1.0_hun_3.97.0:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3686:-:*:*:*:*:*:*:*']",0,0
CVE-2020-29138,Sagemcom,0.00162,5.3,0.0,1.0,0.0,1.0,0,2020-11-27,0.0,,0.0,,,"Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-306'],"['cpe:2.3:o:sagemcom:f\\@st_3486_router_firmware:4.109.0:*:*:*:*:*:*:*', 'cpe:2.3:h:sagemcom:f\\@st_3486_router:3.0:*:*:*:*:*:*:*']",0,0
CVE-2021-3304,Sagemcom,0.00367,9.8,0.0,1.0,0.0,1.0,0,2021-01-26,0.0,,0.0,,,Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:h:sagemcom:f\\@st_3686:v2:*:*:*:*:*:*:*', 'cpe:2.3:o:sagemcom:f\\@st_3686_firmware:3.495:*:*:*:*:*:*:*']",0,0
CVE-2017-8087,AVM,0.00076,2.4,0.0,1.0,0.0,1.0,1,2019-10-22,0.0,,1.0,2019-10-17,,Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,LOW,0.9,1.4,['CWE-200'],"['cpe:2.3:h:avm:fritz\\!box_7490:-:*:*:*:*:*:*:*', 'cpe:2.3:o:avm:fritz\\!os:6.80:*:*:*:*:*:*:*', 'cpe:2.3:o:avm:fritz\\!os:6.83:*:*:*:*:*:*:*']",0,0
CVE-2020-26887,AVM,0.0012,7.8,1.0,1.0,0.0,1.0,1,2020-10-23,1.0,2020-08-06,,,1.0,FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:avm:fritz\\!box_7490_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:avm:fritz\\!box_7490:-:*:*:*:*:*:*:*']",1,0
CVE-2017-9828,Vivotek,0.01521,9.8,0.0,1.0,0.0,1.0,1,2017-06-23,0.0,,0.0,,,"'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera IB8369/FD8164/FD816BA; most others have similar firmware that may be affected. An attack uses shell metacharacters in the senderemail parameter.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:vivotek:network_camera_ib8369_firmware:ib8369-vvtk-0102a:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_ib8369:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:network_camera_fd8164_firmware:fd8164-_vvtk-0200b:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_fd8164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:network_camera_fd816ba_firmware:fd816ba-vvtk-010101.:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_fd816ba:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9829,Vivotek,0.27642,7.5,0.0,1.0,0.0,1.0,1,2017-06-23,0.0,,0.0,,,"'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable, which allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing "".."" sequences. This vulnerability is already verified on VIVOTEK Network Camera IB8369/FD8164/FD816BA; most others have similar firmware that may be affected.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:vivotek:network_camera_ib8369_firmware:ib8369-vvtk-0102a:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_ib8369:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:network_camera_fd8164_firmware:fd8164-_vvtk-0200b:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_fd8164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:network_camera_fd816ba_firmware:fd816ba-vvtk-010101.:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:network_camera_fd816ba:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14494,Vivotek,0.00327,9.8,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,0.0,,,"Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardware or firmware",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:vivotek:fd8136_firmware:0301a:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8136:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14495,Vivotek,0.081,9.8,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,0.0,,,"Vivotek FD8136 devices allow Remote Command Injection, aka ""another command injection vulnerability in our target device,"" a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:vivotek:fd8136_firmware:0301a:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8136:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14496,Vivotek,0.11267,9.8,0.0,1.0,0.0,1.0,1,2019-07-10,0.0,,0.0,,,"Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:vivotek:fd8136_firmware:0301a:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8136:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14768,Vivotek,0.00316,8.8,0.0,1.0,0.0,0.0,1,2018-08-29,1.0,2018-08-24,,,1.0,"Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-14769,Vivotek,0.00071,8.8,0.0,1.0,0.0,0.0,1,2018-09-05,1.0,2018-08-24,,,1.0,VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-14770,Vivotek,0.04214,8.8,0.0,1.0,0.0,0.0,1,2018-09-05,1.0,2018-08-24,,,1.0,"VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-14771,Vivotek,0.04214,8.8,0.0,1.0,0.0,0.0,1,2018-09-05,1.0,2018-08-24,,,1.0,VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-18004,Vivotek,0.00193,5.3,0.0,1.0,0.0,0.0,1,2019-01-03,1.0,2018-12-28,,,1.0,Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-862'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-18005,Vivotek,0.00168,6.1,0.0,1.0,0.0,0.0,1,2019-01-03,1.0,2018-12-28,,,1.0,Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2018-18244,Vivotek,0.00168,6.1,0.0,1.0,0.0,0.0,1,2019-01-03,1.0,2018-12-28,,,1.0,Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2019-10256,Vivotek,0.00244,9.8,0.0,1.0,0.0,0.0,1,2019-09-10,1.0,2019-07-24,,,1.0,An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2019-14457,Vivotek,0.00356,9.8,0.0,1.0,0.0,0.0,1,2019-09-10,1.0,2019-09-17,,,0.0,VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2019-14458,Vivotek,0.00223,7.5,0.0,1.0,0.0,0.0,1,2019-09-18,1.0,2019-09-17,,,1.0,VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],['cpe:2.3:h:vivotek:camera:-:*:*:*:*:*:*:*'],0,0
CVE-2020-11949,Vivotek,0.00065,6.5,0.0,1.0,0.0,1.0,1,2020-05-28,1.0,2020-05-26,,,1.0,"testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:vivotek:cc9381-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc9381-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9368-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9368-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9388-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9388-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9368-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9368-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9388-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9388-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9388-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9388-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9560-dh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9560-dh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9560-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9560-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9366-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9366-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9166-hn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9166-hn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9380-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9380-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8160\\(hs\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8160\\(hs\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8370-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8370-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8371-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8371-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cd8371-hntv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cd8371-hntv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cd8371-hnvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cd8371-hnvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8166a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8166a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8166a-n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8166a-n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8167a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8167a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8169a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8169a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8367a-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8367a-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8369a-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8369a-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ba-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ba-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-hvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-hvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-ehvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-ehvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ba-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ba-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-ehf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-ehf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-hf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-hf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816b-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816b-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816b-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816b-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-hvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-hvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-ehf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-ehf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-hf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-hf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-hrf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-hrf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ca-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ca-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816c-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816c-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-f1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-f1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-f2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-f2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-etv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-etv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-evf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-evf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-vf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-vf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-ef3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-ef3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-et_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-et:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-f3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-f3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8366-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8366-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8367a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8367a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8369a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8369a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8166_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8166:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8563-deh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8563-deh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8563-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8563-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8564-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8564-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8565-n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8565-n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:vc8101_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:vc8101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:vs8100-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:vs8100-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8160-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8160-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8360-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8360-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9171-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9171-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9181-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9181-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9371-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9371-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9381-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9381-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9371-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9371-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9381-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9381-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9171-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9171-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9181-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9181-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9181-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9181-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9182-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9182-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9381-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9381-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9382-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9382-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9180-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9180-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9582-ehnv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9582-ehnv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9161-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9161-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9361-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9361-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9363-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9363-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9363-ehl-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9363-ehl-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-ehl-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-ehl-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9365-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9365-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:iz9361-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:iz9361-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-hm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-hm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-hmv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-hmv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehmv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehmv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-ehm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-ehm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-hm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-hm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9165-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9165-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htvl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htvl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-lpc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-lpc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9391-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9391-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9191_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9191-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9191-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9191-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9191-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9391-ev_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9391-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9391-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9391-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9172-lpc\\(freeway\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9172-lpc\\(freeway\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9389-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9389-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9389-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9389-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9561-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9561-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9581-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9581-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ms9390-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ms9390-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:tb9330-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:tb9330-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:tb9331-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:tb9331-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9374-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9374-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9167-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9167-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9167-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9167-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-htv\\(epoc\\)_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-htv\\(epoc\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9167-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9167-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9167-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9167-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ma9321-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ma9321-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ms9321-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ms9321-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ma9322-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ma9322-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8177-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8177-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8177-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8177-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8179-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8179-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8379-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8379-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9165-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9165-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-ehtv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-ehtv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-htv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-htv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehtv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehtv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-eht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-eht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9164-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9164-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9164-lpc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9164-lpc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-lpc\\(i-cs_kit\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-lpc\\(i-cs_kit\\):-:*:*:*:*:*:*:*']",0,0
CVE-2020-11950,Vivotek,0.00116,8.8,0.0,1.0,0.0,1.0,1,2020-05-28,1.0,2020-05-26,,,1.0,"VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:vivotek:cc9381-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc9381-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9368-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9368-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9388-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9388-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9368-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9368-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9388-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9388-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9360-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9360-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9380-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9380-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9388-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9388-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9560-dh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9560-dh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9560-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9560-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9366-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9366-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9166-hn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9166-hn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9380-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9380-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8160\\(hs\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8160\\(hs\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8370-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8370-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cc8371-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cc8371-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cd8371-hntv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cd8371-hntv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:cd8371-hnvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:cd8371-hnvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8166a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8166a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8166a-n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8166a-n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8167a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8167a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8167a-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8167a-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8169a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8169a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8169a-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8169a-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8367a-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8367a-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8369a-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8369a-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ba-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ba-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-hvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-hvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-ehvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-ehvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ba-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ba-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836ba-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836ba-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-ehf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-ehf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-hf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-hf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836ba-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836ba-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816b-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816b-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816b-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816b-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-hvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-hvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-ehvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-ehvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd836b-hvf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd836b-hvf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-ehf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-ehf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-hf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-hf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-hrf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-hrf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib836b-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib836b-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816ca-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816ca-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd816c-hf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd816c-hf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe8182_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe8182:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-f1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-f1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-f2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-f2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8182-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8182-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-etv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-etv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-evf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-evf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-tv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-tv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8382-vf2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8382-vf2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-ef3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-ef3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-et_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-et:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-f3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-f3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-rf3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-rf3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-rt_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-rt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8382-t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8382-t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8366-v_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8366-v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8367a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8367a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8369a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8369a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8166_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8166:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8563-deh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8563-deh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8563-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8563-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8564-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8564-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md8565-n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md8565-n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:vc8101_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:vc8101:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:vs8100-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:vs8100-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8160_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip8160-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip8160-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8360-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8360-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9171-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9171-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9181-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9181-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9371-\\(e\\)htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9371-\\(e\\)htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9381-\\(e\\)htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9381-\\(e\\)htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9371-\\(e\\)ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9371-\\(e\\)ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9381-\\(e\\)ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9381-\\(e\\)ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9171-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9171-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9181-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9181-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9181-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9181-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9182-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9182-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9381-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9381-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9382-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9382-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9180-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9180-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9582-ehnv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9582-ehnv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9161-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9161-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9361-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9361-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9363-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9363-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9363-ehl-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9363-ehl-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-ehl-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-ehl-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9362-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9362-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9364-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9364-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-eh-v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-eh-v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9366-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9366-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9365-ehl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9365-ehl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:iz9361-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:iz9361-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-hm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-hm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9189-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9189-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-hmv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-hmv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehmv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehmv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9389-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9389-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-ehm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-ehm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-hm_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-hm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9389-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9389-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9165-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9165-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htvl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htvl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-lpc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-lpc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9391-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9391-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9191_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9191-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9191-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9191-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9191-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fe9391-ev_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fe9391-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9391-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9391-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9172-lpc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9172-lpc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9389-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9389-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:it9389-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:it9389-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9561-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9561-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:md9581-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:md9581-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ms9390-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ms9390-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:tb9330-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:tb9330-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:tb9331-e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:tb9331-e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:sd9374-ehl\\(x\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:sd9374-ehl\\(x\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9167-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9167-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9167-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9167-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9367-htv\\(epoc\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9367-htv\\(epoc\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-eh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-eh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9367-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9367-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9167-hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9167-hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9167-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9167-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9167-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9167-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ma9321-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ma9321-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ms9321-ehv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ms9321-ehv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ma9322-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ma9322-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8177-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8177-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8177-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8177-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8177-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8177-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-ehtv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-ehtv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8377-htv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8377-htv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8179-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8179-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd8379-hv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd8379-hv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8379-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8379-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib8377-eht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib8377-eht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9165-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9165-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-htv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-htv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9365-ehtv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9365-ehtv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9187-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9187-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-htv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-htv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:fd9387-ehtv-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:fd9387-ehtv-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-eht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-eht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9365-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9365-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-eht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-eht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ib9387-ht-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ib9387-ht-a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9164-ht_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9164-ht:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9164-lpc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9164-lpc:-:*:*:*:*:*:*:*', 'cpe:2.3:o:vivotek:ip9165-lpc\\(i-cs_kit\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vivotek:ip9165-lpc\\(i-cs_kit\\):-:*:*:*:*:*:*:*']",0,0
CVE-2017-9851,SMA Solar Technology,0.00215,7.5,0.0,0.0,1.0,0.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the vendor reports that the maximum possible damage is a communication failure. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:sma:sunny_explorer:-:*:*:*:*:*:*:*'],0,0
CVE-2017-9852,SMA Solar Technology,0.00315,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwords are expected to be default or similar across installations installed by the same company (but are sometimes changed). Hidden user accounts have (at least in some cases, though more research is required to test this for all hidden user accounts) a fixed password for all devices; it can never be changed by a user. Other vulnerabilities exist that allow an attacker to get the passwords of these hidden user accounts. NOTE: the vendor reports that it has no influence on the allocation of passwords, and that global hardcoded master passwords do not exist. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9853,SMA Solar Technology,0.00315,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for the user and installer password. No complexity requirements or length requirements are set. Also, strong passwords are impossible due to a maximum of 12 characters and a limited set of characters. NOTE: the vendor reports that the 12-character limit provides ""a very high security standard."" Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-521'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9854,SMA Solar Technology,0.00315,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. These passwords can then be used to compromise the overall device. NOTE: the vendor reports that exploitation likelihood is low because these packets are usually sent only once during installation. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-311'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9855,SMA Solar Technology,0.00283,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer account, allows changing very sensitive parameters. NOTE: the vendor reports that Grid Guard is not an authentication feature; it is only a tracing feature. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['NVD-CWE-noinfo', 'CWE-284']","['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9856,SMA Solar Technology,0.00245,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are ""encrypted"" using a very simple encryption algorithm. This enables an attacker to find the plaintext passwords and authenticate to the device. NOTE: the vendor reports that only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N,NETWORK,HIGH,NONE,REQUIRED,CHANGED,LOW,NONE,NONE,LOW,1.6,1.4,"['NVD-CWE-noinfo', 'CWE-256']","['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9857,SMA Solar Technology,0.00137,8.1,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet injection, and replay attacks. Any setting change, authentication packet, scouting packet, etc. can be replayed, injected, or used for a man in the middle session. All functionalities available in Sunny Explorer can effectively be done from anywhere within the network as long as an attacker gets the packet setup correctly. This includes the authentication process for all (including hidden) access levels and the changing of settings in accordance with the gained access rights. Furthermore, because the SMAdata2+ communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-287'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9858,SMA Solar Technology,0.00182,7.5,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observing the response, active and inactive user accounts can be determined. This aids in further attacks (such as a brute force attack) as one now knows exactly which users exist and which do not. NOTE: the vendor's position is that this ""is not a security gap per se."" Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9859,SMA Solar Technology,0.00315,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm to encrypt the password for REGISTER requests. This hashing algorithm can be cracked relatively easily. An attacker will likely be able to crack the password using offline crackers. This cracked password can then be used to register at the SMA servers. NOTE: the vendor's position is that ""we consider the probability of the success of such manipulation to be extremely low."" Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-327'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9860,SMA Solar Technology,0.00315,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an attacker is able to create a custom firmware version that is accepted by the inverter, the inverter is compromised completely. This allows the attacker to do nearly anything: for example, giving access to the local OS, creating a botnet, using the inverters as a stepping stone into companies, etc. NOTE: the vendor reports that this attack has always been blocked by ""a final integrity and compatibility check."" Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9861,SMA Solar Technology,0.00137,9.8,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, and man in the middle attacks. An attacker is able to successfully use SIP to communicate with the device from anywhere within the LAN. An attacker may use this to crash the device, stop it from communicating with the SMA servers, exploit known SIP vulnerabilities, or find sensitive information from the SIP communications. Furthermore, because the SIP communication channel is unencrypted, an attacker capable of understanding the protocol can eavesdrop on communications. For example, passwords can be extracted. NOTE: the vendor's position is that authentication with encryption is not required on an isolated subnetwork. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-74'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9862,SMA Solar Technology,0.00182,7.5,0.0,0.0,1.0,0.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the application and allowing the attacker to create and save a .txt file with contents to his liking. An attacker may use this for information disclosure, or to write a file to normally unavailable locations on the local system. NOTE: the vendor reports that ""the information contained in the debug report is of marginal significance."" Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],['cpe:2.3:a:sma:sunny_explorer:-:*:*:*:*:*:*:*'],0,0
CVE-2017-9863,SMA Solar Technology,0.00125,8.8,0.0,1.0,1.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in the inverters (for example, issuing a POST request to change the user password). All Sunny Explorer settings available to the authenticated user are also available to the attacker. (In some cases, this also includes changing settings that the user has no access to.) This may result in complete compromise of the device. NOTE: the vendor reports that exploitation is unlikely because Sunny Explorer is used only rarely. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:a:sma:sunny_explorer:-:*:*:*:*:*:*:*']",0,0
CVE-2017-9864,SMA Solar Technology,0.00147,7.5,0.0,1.0,0.0,1.0,1,2017-08-05,0.0,,0.0,,,"An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis unreliable. NOTE: the vendor reports that this is largely irrelevant because it only affects log-entry timestamps, and because the plant time would later be reset via NTP. (It has never been the case that a lockout policy or random-number generator was affected.) Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:sma:sunny_boy_3600_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_core1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_core1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_15000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_15000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_20000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_20000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_25000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_25000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_12000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_12000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_tripower_60_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower_60:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3600tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3600tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5000tl_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5000tl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_1.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_1.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_2.5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_3.6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_3.6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_4.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_4.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_5.0_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_5.0:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_1000cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_1000cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_800cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_800cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_850cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_850cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_900cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_900cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_500cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_500cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_630cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_630cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_720cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_720cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_760cp_xt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_760cp_xt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_500_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_630_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_630:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_720_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_720:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_760_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_760:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_800_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_900_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_1000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_1000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2200_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_central_storage_2500-ev_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_central_storage_2500-ev:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_boy_storage_2.5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_boy_storage_2.5:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13529,SMA Solar Technology,0.00143,8.8,1.0,1.0,0.0,1.0,1,2019-10-09,0.0,,1.0,2019-10-08,,"An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which would increase the ease of exploitation.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:h:sma:sunny_webbox:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sma:sunny_webbox_firmware:*:*:*:*:*:*:*:*']",1,0
CVE-2021-46416,SMA Solar Technology,0.00921,8.1,1.0,1.0,0.0,1.0,0,2022-04-07,0.0,,0.0,,,Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-639'],"['cpe:2.3:o:sma:sunny_tripower_firmware:3.10.16.r:*:*:*:*:*:*:*', 'cpe:2.3:h:sma:sunny_tripower:5.0:*:*:*:*:*:*:*']",1,0
CVE-2018-0628,NEC Corporation,0.00118,7.2,0.0,0.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wg1200hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hp:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0634,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0636,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,"Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0637,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0639,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,"Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0640,NEC Corporation,0.00115,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,"Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-119'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0641,NEC Corporation,0.00115,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-07-12,,,1.0,"Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via tools_system.cgi date parameter, time parameter, and offset parameter.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-119'],"['cpe:2.3:o:nec:aterm_hc100rc_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_hc100rc:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11741,NEC Corporation,0.10084,9.8,1.0,1.0,0.0,1.0,1,2018-12-26,0.0,,0.0,,,NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-200'],"['cpe:2.3:o:nec:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv9100_webpro:-:*:*:*:*:*:*:*']",1,0
CVE-2018-11742,NEC Corporation,0.07121,9.8,1.0,1.0,0.0,1.0,1,2018-12-26,0.0,,0.0,,,NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:nec:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv9100_webpro:-:*:*:*:*:*:*:*']",1,0
CVE-2018-16192,NEC Corporation,0.00074,6.5,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-14,,,1.0,"Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16193,NEC Corporation,0.00054,5.4,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-14,,,1.0,"Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16194,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-14,,,1.0,"Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16195,NEC Corporation,0.00078,8.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-14,,,1.0,"Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10917,NEC Corporation,0.01791,9.8,0.0,0.0,1.0,0.0,1,2020-07-22,1.0,2020-06-01,,,1.0,"This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10007.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-502'],['cpe:2.3:a:nec:esmpro_manager:6.42:*:*:*:*:*:*:*'],0,0
CVE-2020-12695,NEC Corporation,0.00547,7.5,0.0,1.0,0.0,0.0,1,2020-06-08,0.0,,0.0,,,"The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H,NETWORK,HIGH,NONE,NONE,CHANGED,LOW,NONE,HIGH,HIGH,2.2,4.7,['CWE-276'],"['cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*']",0,0
CVE-2020-27859,NEC Corporation,0.03066,7.5,0.0,0.0,1.0,0.0,1,2021-01-20,1.0,2020-11-10,,,1.0,This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetEuaLogDownloadAction class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-9607.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:a:nec:esmpro_manager:6.42:*:*:*:*:*:*:*'],0,0
CVE-2020-5524,NEC Corporation,0.00068,8.8,0.0,1.0,0.0,1.0,1,2020-02-21,1.0,2020-02-19,,,1.0,"Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wf1200c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5525,NEC Corporation,0.00044,8.0,0.0,1.0,0.0,1.0,1,2020-02-21,0.0,,0.0,,,"Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wf1200c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5533,NEC Corporation,0.00092,6.1,0.0,1.0,0.0,1.0,1,2020-02-21,1.0,2020-02-19,,,1.0,Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5534,NEC Corporation,0.00044,8.0,0.0,1.0,0.0,1.0,1,2020-02-21,1.0,2020-02-19,,,1.0,Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20680,NEC Corporation,0.00124,6.1,0.0,1.0,0.0,1.0,1,2021-04-26,1.0,2021-04-09,,,1.0,"Cross-site scripting vulnerability in NEC Aterm devices (Aterm WG1900HP2 firmware Ver.1.3.1 and earlier, Aterm WG1900HP firmware Ver.2.5.1 and earlier, Aterm WG1800HP4 firmware Ver.1.3.1 and earlier, Aterm WG1800HP3 firmware Ver.1.5.1 and earlier, Aterm WG1200HS2 firmware Ver.2.5.0 and earlier, Aterm WG1200HP3 firmware Ver.1.3.1 and earlier, Aterm WG1200HP2 firmware Ver.2.5.0 and earlier, Aterm W1200EX firmware Ver.1.3.1 and earlier, Aterm W1200EX-MS firmware Ver.1.3.1 and earlier, Aterm WG1200HS firmware all versions Aterm WG1200HP firmware all versions Aterm WF800HP firmware all versions Aterm WF300HP2 firmware all versions Aterm WR8165N firmware all versions Aterm W500P firmware all versions, and Aterm W300P firmware all versions) allows remote attackers to inject arbitrary script or HTML via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:nec:aterm_wg1900hp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1900hp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1900hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1900hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1800hp4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1800hp4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1800hp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1800hp3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hs3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hs3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hs2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hs2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hp3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hp3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_w1200ex_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_w1200ex:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_w1200ex-ms:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wf800hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf800hp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wf300hp2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf300hp2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wr8165n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wr8165n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_w500p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_w500p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_w300p_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_w300p:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20708,NEC Corporation,0.00118,7.2,0.0,1.0,0.0,1.0,1,2021-04-26,1.0,2021-04-09,,,1.0,"NEC Aterm devices (Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier) allow authenticated attackers to execute arbitrary OS commands by sending a specially crafted request to a specific URL.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20709,NEC Corporation,0.00104,7.2,0.0,1.0,0.0,1.0,1,2021-04-26,1.0,2021-04-09,,,1.0,"Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-354'],"['cpe:2.3:o:nec:aterm_wf1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wf1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg1200cr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg1200cr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20711,NEC Corporation,0.00246,9.8,0.0,1.0,0.0,1.0,1,2021-04-26,1.0,2021-04-09,,,1.0,Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20712,NEC Corporation,0.0009,5.3,0.0,1.0,0.0,1.0,1,2021-04-26,1.0,2021-04-09,,,1.0,"Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and Aterm WX3000HP firmware Ver1.1.2 and earlier allows a device connected to the LAN side to be accessed from the WAN side due to the defect in the IPv6 firewall function.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['NVD-CWE-Other'],"['cpe:2.3:o:nec:aterm_wg2600hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wg2600hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:aterm_wx3000hp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:aterm_wx3000hp:-:*:*:*:*:*:*:*']",0,0
CVE-2016-1145,NEC Corporation,0.00377,7.5,0.0,0.0,1.0,0.0,0,2016-01-30,1.0,2016-01-29,,,1.0,Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:a:nec:expresscluster_x:3.3:*:*:*:*:linux_kernel:*:*', 'cpe:2.3:a:nec:expresscluster_x:3.3:*:*:*:*:windows:*:*']",0,0
CVE-2019-20025,NEC Corporation,0.00667,9.8,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,"Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privilege level. An attacker could exploit this vulnerability by using this account to remotely log into an affected device. A successful exploit could allow the attacker to log into the device with manufacturer level access. This vulnerability affects SV9100 PBXes that are running software release 6.0 or higher. This vulnerability does not affect SV9100 software releases prior to 6.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:nec:sv9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sv9100_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-20026,NEC Corporation,0.00176,7.5,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote attackers to reset all existing usernames and passwords to default values via a crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:nec:sv9100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sv9100:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20027,NEC Corporation,0.00309,9.8,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,"Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0 or higher contain the possibility if incorrectly configured to allow a blank username and password combination to be entered as a valid, successfully authenticating account.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:nec:sv8100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sv8100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sv9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sv9100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sl1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sl1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sl2100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sl2100_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-20028,NEC Corporation,0.00168,7.5,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,"Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system's WebPro administration interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:nec:sv8100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sv8100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sv9100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sv9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sl1100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sl1100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:sl2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sl2100:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20030,NEC Corporation,0.00044,7.8,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affected.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:nec:um8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:um8000:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20031,NEC Corporation,0.00168,9.1,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,"NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing brute force attacks.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-307'],"['cpe:2.3:o:nec:um8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:um8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:um4730_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:um4730:-:*:*:*:*:*:*:*']",0,0
CVE-2019-20033,NEC Corporation,0.00309,9.8,0.0,1.0,0.0,1.0,0,2020-07-29,0.0,,0.0,,,"On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:nec:sv8100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:sv8100:-:*:*:*:*:*:*:*']",0,0
CVE-2020-17408,NEC Corporation,0.05037,7.5,0.0,0.0,1.0,0.0,0,2020-09-10,1.0,2020-08-28,,,1.0,"This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ExpressCluster 4.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the clpwebmc executable. Due to the improper restriction of XML External Entity (XXE) references, a specially-crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-10801.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-611'],"['cpe:2.3:a:nec:expresscluster_x:4.1:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:4.2:*:*:*:*:windows:*:*']",0,0
CVE-2020-5632,NEC Corporation,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-10-06,1.0,2020-09-30,,,1.0,"InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type SiteShell for Apache Windows V1.4, V1.5, and V1.6, and Host type SiteShell for Apache Windows prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1) allow authenticated attackers to bypass access restriction and to execute arbitrary code with an elevated privilege via a specially crafted executable files.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:*:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.4:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.4:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.5:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.5:*:*:*:*:iis:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.6:*:*:*:*:apache_windows:*:*', 'cpe:2.3:a:nec:infocage_siteshell:1.6:*:*:*:*:iis:*:*']",0,0
CVE-2020-5635,NEC Corporation,0.00151,8.8,0.0,1.0,0.0,1.0,0,2020-12-14,1.0,2020-12-11,,,1.0,"Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command execution.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:necplatforms:aterm_sa3500g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:necplatforms:aterm_sa3500g_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-5684,NEC Corporation,0.00065,4.8,0.0,1.0,1.0,0.0,0,2020-12-24,1.0,2020-12-18,,,1.0,"iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.2,2.5,['CWE-295'],"['cpe:2.3:a:nec:ism_server:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:m120:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:m12e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:m320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:m320f:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5685,NEC Corporation,0.00246,9.8,0.0,1.0,0.0,1.0,0,2021-01-13,1.0,2021-01-14,,,0.0,UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:nec:univerge_sv9500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_sv8500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv8500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5686,NEC Corporation,0.00174,7.5,0.0,1.0,0.0,1.0,0,2021-01-13,1.0,2021-01-04,,,1.0,Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:o:nec:univerge_sv9500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv9500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_sv8500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_sv8500:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20653,NEC Corporation,0.00114,5.3,0.0,1.0,0.0,1.0,0,2021-02-17,1.0,2021-02-15,,,1.0,"Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-276'],"['cpe:2.3:o:nec:csdj-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:csdj-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:csdj-h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:csdj-h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:csdj-d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:csdj-d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:csdj-a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:csdj-a:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20677,NEC Corporation,0.00109,3.1,0.0,1.0,0.0,0.0,0,2021-03-26,1.0,2021-03-22,,,1.0,"UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,LOW,LOW,1.6,1.4,['NVD-CWE-noinfo'],"['cpe:2.3:o:necplatforms:univerge_aspire_wx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:necplatforms:univerge_aspire_wx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:necplatforms:univerge_aspire_ux_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:necplatforms:univerge_aspire_ux:-:*:*:*:*:*:*:*', 'cpe:2.3:o:necplatforms:univerge_sv9100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:necplatforms:univerge_sv9100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:necplatforms:sl2100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:necplatforms:sl2100:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20701,NEC Corporation,0.00659,9.8,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20703,NEC Corporation,0.00659,9.8,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20704,NEC Corporation,0.00659,9.8,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution via a network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20705,NEC Corporation,0.00172,7.5,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file upload via network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20706,NEC Corporation,0.00172,7.5,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file upload via network.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20707,NEC Corporation,0.00168,7.5,0.0,0.0,1.0,0.0,0,2021-11-03,1.0,2022-04-15,,,0.0,"Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to read files upload via network..",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:a:nec:clusterpro_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:clusterpro_x_singleserversafe:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2021-20740,NEC Corporation,0.00724,8.8,0.0,1.0,0.0,1.0,0,2021-06-28,1.0,2021-06-18,,,1.0,"Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) allow remote authenticated attackers to execute arbitrary OS commands with root privileges via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:a:hitachi:virtual_file_platform:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hitachi:virtual_file_platform:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh4a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh4a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh8a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh8a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh4b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh4b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh8b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh8b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh4c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh4c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:nas_gateway_nh8c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:nas_gateway_nh8c:-:*:*:*:*:*:*:*']",0,0
CVE-2022-25621,NEC Corporation,0.00435,9.8,0.0,1.0,0.0,1.0,0,2022-03-11,1.0,2022-03-09,,,1.0,"UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:nec:univerge_wa1020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa1020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa1510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa1510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa1511_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa1511:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa1512_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa1512:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2021_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2021:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2610-ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2610-ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2611-ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2611-ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2611e-ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2611e-ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:nec:univerge_wa2612-ap_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:univerge_wa2612-ap:-:*:*:*:*:*:*:*']",0,0
CVE-2022-34822,NEC Corporation,0.00405,9.8,0.0,0.0,1.0,0.0,0,2022-11-08,1.0,2022-11-04,,,1.0,"Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],"['cpe:2.3:a:nec:expresscluster_x:*:*:*:*:*:windows:*:*', 'cpe:2.3:a:nec:expresscluster_x_singleserversafe:*:*:*:*:*:windows:*:*']",0,0
CVE-2018-10544,Meross,0.00434,9.8,0.0,1.0,0.0,1.0,1,2018-05-02,1.0,2018-04-28,,,1.0,Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:h:meross:mss110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:meross:mss110_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-6401,Meross,0.00659,9.8,0.0,1.0,0.0,1.0,1,2018-05-02,1.0,2018-04-28,,,1.0,Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:meross:mss110_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:meross:mss110:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3774,Meross,0.00216,6.5,0.0,1.0,0.0,1.0,0,2021-11-05,1.0,2021-11-04,,,1.0,"Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version and before, creates an open Wi-Fi Access Point without the required security measures in its initial setup. This could allow a remote attacker to obtain the Wi-Fi SSID as well as the password configured by the user from Meross app via Http/JSON plain request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-319'],"['cpe:2.3:o:meross:mss550x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:meross:mss550x:-:*:*:*:*:*:*:*']",1,0
CVE-2018-11314,Roku,0.00316,9.6,0.0,1.0,0.0,0.0,1,2018-07-03,0.0,,0.0,,,The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-20'],"['cpe:2.3:h:roku:roku_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:roku:-:*:*:*:*:*:*:*']",0,0
CVE-2022-27152,Roku,0.00044,5.7,0.0,1.0,0.0,1.0,0,2022-04-08,0.0,,0.0,,,Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.1,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:roku:roku_os:*:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:express:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:express_4k\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:roku_tv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:streambar:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:streambar_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:streaming_stick_4k:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:streaming_stick_4k\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:ultra:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:wireless_speakers:-:*:*:*:*:*:*:*', 'cpe:2.3:h:roku:wireless_subwoofer:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11316,Sonos,0.0022,9.6,0.0,1.0,0.0,1.0,1,2018-07-03,0.0,,0.0,,,The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,CHANGED,HIGH,HIGH,HIGH,CRITICAL,2.8,6.0,['CWE-20'],"['cpe:2.3:o:sonos:sonos_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sonos:sonos:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9285,Sonos,0.00081,6.8,0.0,1.0,0.0,1.0,0,2022-10-20,1.0,2020-08-06,,,1.0,Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:sonos:one:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sonos:one_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24046,Sonos,0.00146,8.8,0.0,1.0,1.0,0.0,0,2022-02-18,1.0,2022-02-14,,,1.0,"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15828.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-191'],"['cpe:2.3:a:sonos:s1:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sonos:s2:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sonos:one:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24049,Sonos,0.0195,9.8,0.0,1.0,1.0,0.0,0,2022-02-18,1.0,2022-02-10,,,1.0,This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15798.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:a:sonos:s1:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sonos:s2:*:*:*:*:*:*:*:*', 'cpe:2.3:h:sonos:one:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11629,Lutron,0.00514,9.8,0.0,1.0,0.0,1.0,1,2018-06-02,0.0,,0.0,,,"Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:lutron:stanza_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:stanza:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:radiora_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:radiora_2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:homeworks_qs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:homeworks_qs:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11681,Lutron,0.00514,9.8,0.0,1.0,0.0,1.0,1,2018-06-02,0.0,,0.0,,,"Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:lutron:stanza_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:stanza:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:radiora_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:radiora_2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:homeworks_qs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:homeworks_qs:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11682,Lutron,0.00514,9.8,0.0,1.0,0.0,1.0,1,2018-06-02,0.0,,0.0,,,"Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:lutron:stanza_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:stanza:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:radiora_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:radiora_2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:lutron:homeworks_qs_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:homeworks_qs:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7276,Lutron,0.00802,7.5,0.0,1.0,0.0,1.0,1,2018-02-21,0.0,,0.0,,,"An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. Remote attackers can obtain potentially sensitive information via a /DbXmlInfo.xml request, as demonstrated by the Latitude/Longitude of the device.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:lutron:quantum_bacnet_integration_firmware:3.2.243:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:quantum_bacnet_integration:2.0:*:*:*:*:*:*:*']",0,0
CVE-2018-8880,Lutron,0.04009,7.5,1.0,1.0,0.0,1.0,1,2018-04-23,0.0,,0.0,,,"Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:lutron:quantum_bacnet_integration_firmware:3.2.243:*:*:*:*:*:*:*', 'cpe:2.3:h:lutron:quantum_bacnet_integration:2.0:*:*:*:*:*:*:*']",1,0
CVE-2018-11692,Canon,0.00321,9.8,0.0,1.0,0.0,1.0,1,2018-06-04,0.0,,0.0,,,"An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:canon:lbp3370_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp3370:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp3460_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp3460:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp7750c_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp7750c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp6650_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp6650:-:*:*:*:*:*:*:*']",0,0
CVE-2018-11711,Canon,0.00968,9.8,0.0,1.0,0.0,1.0,1,2018-06-04,0.0,,0.0,,,A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:canon:mf210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf220:-:*:*:*:*:*:*:*']",0,0
CVE-2018-12048,Canon,0.00968,9.8,0.0,1.0,0.0,1.0,1,2018-06-08,0.0,,0.0,,,A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:canon:lbp7110cw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp7110cw:-:*:*:*:*:*:*:*']",0,0
CVE-2018-12049,Canon,0.00968,9.8,0.0,1.0,0.0,1.0,1,2018-06-08,0.0,,0.0,,,A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:canon:lbp6030w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp6030w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5994,Canon,0.00915,8.8,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via SendObjectInfo command.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5995,Canon,0.00254,6.5,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Missing authorization vulnerability exists in EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier. A successful exploitation may result in a specially crafted firmware update or unofficial firmware update being applied without user's consent via unspecified vector.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-862'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5998,Canon,0.00646,8.8,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via notifybtstatus command.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-5999,Canon,0.00646,8.8,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via blerequest command.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-6000,Canon,0.00646,8.8,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via sendhostinfo command.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2019-6001,Canon,0.00647,6.8,0.0,1.0,0.0,1.0,1,2019-08-06,1.0,2019-08-06,,,1.0,"Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digital cameras (EOS-1D X firmware version 2.1.0 and earlier, EOS-1D X MKII firmware version 1.1.6 and earlier, EOS-1D C firmware version 1.4.1 and earlier, EOS 5D MARK III firmware version 1.3.5 and earlier, EOS 5D MARK IV firmware version 1.2.0 and earlier, EOS 5DS firmware version 1.1.2 and earlier, EOS 5DS R firmware version 1.1.2 and earlier, EOS 6D firmware version 1.1.8 and earlier, EOS 6D MARK II firmware version 1.0.4 and earlier, EOS 7D MARK II firmware version 1.1.2 and earlier, EOS 70 D firmware version 1.1.2 and earlier, EOS 80 D firmware version 1.0.2 and earlier, EOS KISS X7I / EOS D REBEL T5I / EOS 700D firmware version 1.1.5 and earlier, EOS KISS X8I / EOS D REBEL T6I / EOS 750D firmware version 1.0.0 and earlier, EOS KISS X9I / EOS D REBEL T7I / EOS 800D firmware version 1.0.1 and earlier, EOS KISS X7 / EOS D REBEL SL1 / EOS 100D firmware version 1.0.1 and earlier, EOS KISS X9 / EOS D REBEL SL2 / EOS 200D firmware version 1.0.1 and earlier, EOS KISS X10 / EOS D REBEL SL3 / EOS 200D / EOS 250D firmware version 1.0.1 and earlier, EOS 8000D / EOS D REBEL T6S / EOS 760D firmware version 1.0.0 and earlier, EOS 9000D / EOS 77D firmware version 1.0.2 and earlier, EOS KISS X70 / EOS D REBEL T5 / EOS 1200D firmware version 1.0.2 and earlier, EOS D REBEL T5 RE / EOS 1200D MG / EOS HI firmware version 1.0.2 and earlier, EOS KISS X80 / EOS D REBEL T6 / EOS 1300D firmware version 1.1.0 and earlier, EOS KISS X90 / EOS D REBEL T7 / EOS 1500D / EOS 2000D firmware version 1.0.0 and earlier, EOS D REBEL T100 / EOS 3000D / EOS 4000D firmware version 1.0.0 and earlier, EOS R firmware version 1.3.0 and earlier, EOS RP firmware version 1.2.0 and earlier, EOS RP GOLD firmware version 1.2.0 and earlier, EOS M2 firmware version 1.0.3 and earlier, EOS M3 firmware version 1.2.0 and earlier, EOS M5 firmware version 1.0.1 and earlier, EOS M6 firmware version 1.0.1 and earlier, EOS M6(China) firmware version 5.0.0 and earlier, EOS M10 firmware version 1.1.0 and earlier, EOS M100 firmware version 1.0.0 and earlier, EOS KISS M / EOS M50 firmware version 1.0.2 and earlier) and PowerShot SX740 HS firmware version 1.0.1 and earlier, PowerShot SX70 HS firmware version 1.1.0 and earlier, and PowerShot G5Xmark II firmware version 1.0.1 and earlier allows an attacker on the same network segment to trigger the affected product being unresponsive or to execute arbitrary code on the affected product via setadapterbatteryreport command.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-119'],"['cpe:2.3:o:canon:eos-1d_x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_x_mkii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_x_mkii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos-1d_c_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos-1d_c:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5d_mark_iv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5d_mark_iv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_5ds_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_5ds_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_7d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_7d_mark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_70d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_70d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_80d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_80d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_700d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_700d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x8i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x8i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_750d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_750d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_800d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_800d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_100d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_100d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x9_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_sl3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_sl3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_250d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_250d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_8000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_8000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_760d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_760d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_9000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_9000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_77d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_77d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t5_re_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t5_re:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1200d_mg_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1200d_mg:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_hi_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_hi:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x80_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x80:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1300d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1300d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_x90_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_x90:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t7_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_1500d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_1500d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_2000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_2000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_d_rebel_t100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_d_rebel_t100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_3000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_3000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_4000d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_4000d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_r:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_rp_gold_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_rp_gold:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m6\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m6\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m10_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m100_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m100:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_kiss_m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_kiss_m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_m50_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_m50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx740_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx740_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_sx70_hs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_sx70_hs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:powershot_g5xmark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:powershot_g5xmark_ii:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:eos_6d_mark_ii_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:eos_6d_mark_ii:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10667,Canon,0.00543,6.1,0.0,1.0,0.0,1.0,1,2020-03-19,0.0,,0.0,,,The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. The vulnerable parameter is map(template_name). NOTE: this is fixed in the latest version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:canon:oce_colorwave_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10668,Canon,0.00543,6.1,0.0,1.0,0.0,1.0,1,2020-03-19,0.0,,0.0,,,The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:canon:oce_colorwave_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10669,Canon,0.17782,7.5,0.0,1.0,0.0,1.0,1,2020-03-19,0.0,,0.0,,,The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the latest version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:o:canon:oce_colorwave_500_firmware:4.0.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10670,Canon,0.00215,6.1,0.0,1.0,0.0,1.0,1,2020-03-19,0.0,,0.0,,,The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the latest version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:canon:oce_colorwave_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10671,Canon,0.00389,8.8,0.0,1.0,0.0,1.0,1,2020-03-19,0.0,,0.0,,,The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a logged-in administrative user. NOTE: this is fixed in the latest version.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:canon:oce_colorwave_500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_500:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12695,Canon,0.00547,7.5,0.0,1.0,0.0,0.0,1,2020-06-08,1.0,2020-06-08,,,1.0,"The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H,NETWORK,HIGH,NONE,NONE,CHANGED,LOW,NONE,HIGH,HIGH,2.2,4.7,['CWE-276'],"['cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*']",0,0
CVE-2020-16849,Canon,0.00178,7.5,0.0,1.0,0.0,1.0,1,2020-11-30,1.0,2020-10-29,,,1.0,"An issue was discovered on Canon MF237w 06.07 devices. An ""Improper Handling of Length Parameter Inconsistency"" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:h:canon:mf237w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf237w_firmware:06.07:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf113w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf113w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf212w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf216n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf216n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf217w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf217w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf226dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf226dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf229dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf229dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf231:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf231_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf232w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf232w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf244dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf244dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf247dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf247dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf249dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf249dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf264dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf264dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf267dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf267dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf269dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf269dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf4570dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4570dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf4580dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4580dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf4780w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4780w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf4870dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4870dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:mf4890dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4890dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp113w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp113w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp151dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp151dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp162dw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp162dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:ir2202n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:ir2202n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:ir2204n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:ir2204n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:ir2204f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:ir2204f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:ir2206n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:ir2206n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:ir2206if_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:ir2206if:-:*:*:*:*:*:*:*']",0,0
CVE-2021-43471,Canon,0.00115,7.5,0.0,1.0,0.0,1.0,1,2021-12-06,0.0,,0.0,,,"In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-521'],"['cpe:2.3:h:canon:lbp223dw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canon:lbp223dw_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2018-12111,Canon,0.00103,6.1,1.0,0.0,1.0,0.0,0,2018-06-11,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:canon:efi_printme:*:*:*:*:*:*:*:*'],1,0
CVE-2019-14339,Canon,0.00089,5.5,1.0,0.0,1.0,0.0,0,2019-09-05,0.0,,0.0,,,The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key.,CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:canon:print:2.5.5:*:*:*:*:android:*:*'],1,0
CVE-2020-26508,Canon,0.00222,9.8,0.0,1.0,0.0,1.0,0,2020-11-16,0.0,,0.0,,,"The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-522'],"['cpe:2.3:o:canon:oce_colorwave_3500_firmware:5.1.1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:oce_colorwave_3500:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20877,Canon,0.00211,4.8,0.0,1.0,0.0,0.0,0,2022-02-08,1.0,2021-12-21,,,1.0,"Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series (MF113W/MF212W/MF217W/MF227DW/MF229DW, MF232W/MF244DW/MF247DW/MF249DW, MF264DW/MF267DW/MF269DW/MF269DW VP, and MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW) and imageCLASS LBP Series (LBP113W/LBP151DW/LBP162DW ) sold in the US, and iSENSYS (LBP162DW, LBP113W, LBP151DW, MF269dw, MF267dw, MF264dw, MF113w, MF249dw, MF247dw, MF244dw, MF237w, MF232w, MF229dw, MF217w, MF212w, MF4780w, and MF4890dw) and imageRUNNER (2206IF, 2204N, and 2204F) sold in Europe) allows remote attackers to inject an arbitrary script via unspecified vectors.",CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],"['cpe:2.3:h:canon:2204f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:2204n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:2206if:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp113w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp151dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp162:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp162dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:lbp162l:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf113w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf212w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf217w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf222dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf224dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf227dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf229dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf232w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf237w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf242dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf244dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf245dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf247dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf249dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf262dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf264dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf265dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf267dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf269dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf269dw_vp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4570dn:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4570dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4770n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4780w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4880dw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:mf4890dw:-:*:*:*:*:*:*:*']",0,0
CVE-2021-38085,Canon,0.00053,7.8,0.0,1.0,0.0,1.0,0,2021-08-11,0.0,,0.0,,,"The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This occurs because the driver drops a world-writable DLL into a CanonBJ %PROGRAMDATA% location that gets loaded by printisolationhost (a system process).",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:o:canon:pixma_tr150_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:pixma_tr150:-:*:*:*:*:*:*:*']",0,0
CVE-2021-39367,Canon,0.0009,5.3,0.0,0.0,1.0,0.0,0,2021-08-23,0.0,,0.0,,,Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,3.9,1.4,['CWE-116'],['cpe:2.3:a:canon:oce_print_exec_workgroup:1.3.2:*:*:*:*:*:*:*'],0,0
CVE-2021-39368,Canon,0.00087,6.1,0.0,0.0,1.0,0.0,0,2021-08-23,0.0,,0.0,,,Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:canon:oce_print_exec_workgroup:1.3.2:*:*:*:*:*:*:*'],0,0
CVE-2022-26111,Canon,0.00463,8.8,0.0,0.0,1.0,0.0,0,2022-04-25,1.0,2022-03-14,,,1.0,"The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. The search components permit adding BeanShell expressions that result in Remote Code Execution in the context of the IRISNext application user, running on the web server.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-917'],['cpe:2.3:a:canon:irisnext:*:*:*:*:*:*:*:*'],0,0
CVE-2018-12041,MediaTek,0.00126,7.5,0.0,1.0,0.0,1.0,1,2018-06-08,0.0,,0.0,,,An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:mediatek:awus036nh_firmware:5.1.25.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:awus036nh:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15027,MediaTek,0.00986,9.8,0.0,1.0,0.0,1.0,1,2019-08-14,0.0,,0.0,,,"The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system(""/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:mediatek:mt8163_firmware:-:*:*:*:*:android:*:*', 'cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:android:*:*', 'cpe:2.3:o:mediatek:mt6625_firmware:-:*:*:*:*:android:*:*', 'cpe:2.3:h:mediatek:mt6625:-:*:*:*:*:android:*:*', 'cpe:2.3:o:mediatek:mt6577_firmware:-:*:*:*:*:android:*:*', 'cpe:2.3:h:mediatek:mt6577:-:*:*:*:*:android:*:*']",0,0
CVE-2019-18989,MediaTek,0.00058,5.4,0.0,1.0,0.0,1.0,1,2020-09-30,1.0,2019-09-25,,,1.0,"A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which would allow an attacker to discern information or potentially modify data.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.5,['CWE-290'],"['cpe:2.3:h:mediatek:mt7620n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7620n_firmware:1.06:*:*:*:*:*:*:*']",0,0
CVE-2022-20083,MediaTek,0.00541,9.8,0.0,1.0,0.0,1.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00803883; Issue ID: MOLY00803883.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21744,MediaTek,0.00541,9.8,0.0,1.0,0.0,1.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding GPRS Packet Neighbour Cell Data (PNCD) improper neighbouring cell size with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00810064; Issue ID: ALPS06641626.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:mediatek:lr11:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr12:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr9:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757p:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6775:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21766,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641653.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21767,MediaTek,0.00048,8.8,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21768,MediaTek,0.00048,8.8,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21776,MediaTek,0.00042,6.4,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450.",CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,HIGH,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.5,5.9,['CWE-362'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21777,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In Autoboot, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06713894; Issue ID: ALPS06713894.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-862'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21779,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704393.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21786,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-704'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21787,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,1,2022-07-06,1.0,2022-07-04,,,1.0,"In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26446,MediaTek,0.00173,7.5,0.0,1.0,0.0,1.0,1,2022-11-08,1.0,2022-11-07,,,1.0,"In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-617'],"['cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6725:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26471,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,1,2022-10-07,1.0,2022-10-03,,,1.0,"In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-502'],"['cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26472,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,1,2022-10-07,1.0,2022-10-03,,,1.0,"In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-502'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2018-21054,MediaTek,0.00119,9.8,0.0,1.0,0.0,0.0,0,2020-04-08,0.0,,0.0,,,"An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-190'],"['cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm9830:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_3470:-:*:*:*:*:*:*:*', 'cpe:2.3:h:samsung:exynos_5420:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7715:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7730:-:*:*:*:*:*:*:*', 'cpe:2.3:h:unisoc:sc7731:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8939:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:m6737t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*', 'cpe:2.3:h:qualcomm:sdm6xx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*']",0,0
CVE-2021-0422,MediaTek,0.00042,5.5,0.0,1.0,0.0,0.0,0,2021-09-27,1.0,2021-09-01,,,1.0,"In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381071.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-770'],"['cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589td:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*']",0,0
CVE-2021-0425,MediaTek,0.00042,5.5,0.0,1.0,0.0,0.0,0,2021-09-27,1.0,2022-01-13,,,0.0,"In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589td:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0610,MediaTek,0.00043,7.8,0.0,1.0,0.0,0.0,0,2021-09-27,1.0,2021-09-01,,,1.0,"In memory management driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05411456.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-190'],"['cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589td:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*']",0,0
CVE-2021-0612,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,0,2021-09-27,1.0,2021-09-01,,,1.0,"In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-416'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6582w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6589td:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592_90:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592h:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6592w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6595:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6732:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0619,MediaTek,0.00042,5.5,0.0,1.0,0.0,0.0,0,2021-11-18,1.0,2021-11-11,,,1.0,"In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-125'],"['cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*']",0,0
CVE-2021-0657,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2021-11-18,1.0,2021-11-11,,,1.0,"In apusys, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672103; Issue ID: ALPS05672103.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0669,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2021-11-18,1.0,2021-11-11,,,1.0,"In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ALPS05681550.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-416'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0678,MediaTek,0.00044,6.7,0.0,1.0,0.0,0.0,0,2021-12-17,1.0,2021-12-01,,,1.0,"In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05722511.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0894,MediaTek,0.00044,6.7,0.0,1.0,0.0,0.0,0,2021-12-17,1.0,2021-12-01,,,1.0,"In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672038.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2021-0900,MediaTek,0.00044,4.4,0.0,1.0,0.0,0.0,0,2021-12-17,1.0,2021-12-01,,,1.0,"In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672055.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.8,3.6,['CWE-125'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2021-25477,MediaTek,0.001,4.9,0.0,1.0,0.0,0.0,0,2021-10-06,0.0,,0.0,,,An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.2,3.6,['CWE-415'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*']",0,0
CVE-2021-32467,MediaTek,0.00116,7.5,0.0,1.0,0.0,1.0,0,2021-12-26,1.0,2022-01-03,,,0.0,"MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*']",0,0
CVE-2021-35055,MediaTek,0.0022,8.8,0.0,1.0,0.0,1.0,0,2021-12-26,1.0,2022-01-03,,,0.0,"MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7620_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7610_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*']",0,0
CVE-2021-37564,MediaTek,0.00116,7.5,0.0,1.0,0.0,1.0,0,2021-12-26,1.0,2022-01-03,,,0.0,"MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*']",0,0
CVE-2021-37570,MediaTek,0.00116,7.5,0.0,1.0,0.0,1.0,0,2021-12-26,1.0,2022-01-03,,,0.0,"MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41788,MediaTek,0.00166,7.5,0.0,1.0,0.0,1.0,0,2021-12-26,1.0,2022-01-03,,,0.0,"MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:7.4.0.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:7.4.0.0:*:*:*:*:*:*:*']",0,0
CVE-2022-20028,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,0,2022-02-09,1.0,2022-02-07,,,1.0,"In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198663; Issue ID: ALPS06198663.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20047,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,0,2022-03-10,1.0,2022-03-07,,,1.0,"In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-787'],"['cpe:2.3:h:mediatek:mt5816:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt5835:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9900:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9901:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9969:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*']",0,0
CVE-2022-20052,MediaTek,0.00043,6.5,0.0,1.0,0.0,0.0,0,2022-04-11,1.0,2022-04-06,,,1.0,"In mdp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS05836642; Issue ID: ALPS05836642.",CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.6,5.9,['CWE-416'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20054,MediaTek,0.00042,7.8,0.0,1.0,0.0,0.0,0,2022-03-10,1.0,2022-03-07,,,1.0,"In ims service, there is a possible AT command injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219083; Issue ID: ALPS06219083.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-862'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20055,MediaTek,0.00045,6.8,0.0,1.0,0.0,0.0,0,2022-03-10,1.0,2022-03-07,,,1.0,"In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-787'],"['cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8735b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*']",0,0
CVE-2022-20064,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-04-11,1.0,2022-04-06,,,1.0,"In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-125'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20087,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-05-03,1.0,2022-05-03,,,1.0,"In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06477970; Issue ID: ALPS06477970.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*']",0,0
CVE-2022-20106,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-05-03,1.0,2022-05-03,,,1.0,"In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; Issue ID: DTV03330460.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.9:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.19:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9215:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*']",0,0
CVE-2022-20111,MediaTek,0.00048,8.4,0.0,1.0,0.0,0.0,0,2022-05-03,1.0,2022-05-03,,,1.0,"In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069.",CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.5,5.9,['CWE-755'],"['cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21758,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-06-06,1.0,2022-06-06,,,1.0,"In ccu, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06439600; Issue ID: ALPS06439600.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-415'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6752:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6758:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6795:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6797:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6799:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21765,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-07-06,1.0,2022-07-04,,,1.0,"In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641673.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21771,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-07-06,1.0,2022-07-04,,,1.0,"In GED driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641585; Issue ID: ALPS06641585.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-362'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21772,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-07-06,1.0,2022-07-04,,,1.0,"In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493842; Issue ID: ALPS06493842.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-362'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21778,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-11-08,1.0,2022-11-07,,,1.0,"In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-125'],"['cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21785,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-07-06,1.0,2022-07-04,,,1.0,"In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26438,MediaTek,0.00042,6.7,0.0,1.0,0.0,1.0,0,2022-08-01,1.0,2022-08-01,,,1.0,"In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-787'],"['cpe:2.3:o:mediatek:mt7603_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7603:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7610_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7612_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7613_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7615_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7620_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7622_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7628_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7629_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7915_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7916_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt7986_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mediatek:mt8981_firmware:7.6.2.3:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8981:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26473,MediaTek,0.00042,6.7,0.0,1.0,0.0,0.0,0,2022-10-07,1.0,2022-10-03,,,1.0,"In vdec fmt, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342197; Issue ID: ALPS07342197.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['CWE-667'],"['cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*']",0,0
CVE-2022-32589,MediaTek,0.00103,7.5,0.0,1.0,0.0,0.0,0,2022-10-07,1.0,2022-10-03,,,1.0,"In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-404'],"['cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7668:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8512a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:yocto:3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*', 'cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*']",0,0
CVE-2018-12228,Sangoma,0.00197,6.5,0.0,0.0,1.0,0.0,1,2018-06-12,1.0,2018-06-11,,,1.0,"An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusable.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-835'],['cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*'],0,0
CVE-2021-37706,Sangoma,0.02164,9.8,0.0,0.0,1.0,0.0,1,2021-12-22,1.0,2022-10-31,,,0.0,"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-191'],"['cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert10:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert11:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert12:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert7:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert8:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert9:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*']",0,0
CVE-2022-21723,Sangoma,0.00664,9.1,0.0,0.0,1.0,0.0,1,2022-01-27,1.0,2022-03-04,,,0.0,"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,HIGH,CRITICAL,3.9,5.2,['CWE-125'],"['cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert10:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert11:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert12:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert7:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert8:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert9:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*']",0,0
CVE-2022-23608,Sangoma,0.01272,9.8,0.0,0.0,1.0,0.0,1,2022-02-22,1.0,2022-10-31,,,0.0,"PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-416'],"['cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert10:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert11:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert12:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert7:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert8:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert9:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*']",0,0
CVE-2017-9358,Sangoma,0.00827,7.5,0.0,0.0,1.0,0.0,0,2017-06-02,0.0,,1.0,2017-04-13,,"A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-835'],"['cpe:2.3:a:sangoma:asterisk:13.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.1.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.1.0:rc2:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.2.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.3.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.4.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.4.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.5.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.5.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.6.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.7.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.7.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.8.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.8.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.8.1:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.8.2:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.9.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.10.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.11.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.12.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.12.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.12.1:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.12.2:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.13.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.14.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:13.15.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:*:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert1-rc3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert1-rc4:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:cert3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:13.13.0:rc2:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.0.0:beta1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.0.0:beta2:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.0.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.1.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.2.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.2.0:rc2:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.2.1:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.3.0:rc1:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:14.4.0:rc1:*:*:*:*:*:*']",0,0
CVE-2020-28242,Sangoma,0.00442,6.5,0.0,0.0,1.0,0.0,0,2020-11-06,1.0,2020-11-05,,,1.0,"An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-674'],"['cpe:2.3:a:asterisk:certified_asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*']",0,0
CVE-2020-28327,Sangoma,0.00088,5.3,0.0,0.0,1.0,0.0,0,2020-11-06,1.0,2020-11-05,,,1.0,"A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling.",CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.6,3.6,['CWE-404'],"['cpe:2.3:a:digium:certified_asterisk:16.8:-:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert1-rc3:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert1-rc4:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert2:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert3:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert4:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert4-rc1:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert4-rc2:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert4-rc3:*:*:*:*:*:*', 'cpe:2.3:a:digium:certified_asterisk:16.8:cert4-rc4:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*']",0,0
CVE-2021-46837,Sangoma,0.00109,6.5,0.0,0.0,1.0,0.0,0,2022-08-30,1.0,2021-03-04,,,1.0,"res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-476'],"['cpe:2.3:a:asterisk:certified_asterisk:16.8.0:-:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*', 'cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*', 'cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*']",0,0
CVE-2018-12920,FLiR,0.00286,7.5,0.0,1.0,0.0,1.0,1,2018-06-28,0.0,,0.0,,,Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.html#ipsettings or basic.html#datadelivery URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:o:flir:brickstream_2300_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:brickstream_2300:-:*:*:*:*:*:*:*']",0,0
CVE-2018-3813,FLiR,0.00913,9.8,0.0,1.0,0.0,1.0,1,2018-01-01,0.0,,0.0,,,"getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-200'],"['cpe:2.3:o:flir:brickstream_2300_2d_firmware:2.0_4.1.53.166:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:brickstream_2300_2d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:flir:brickstream_2300_3d_firmware:2.0_4.1.53.166:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:brickstream_2300_3d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:flir:brickstream_2300_3d\\+_firmware:2.0_4.1.53.166:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:brickstream_2300_3d\\+:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37060,FLiR,0.51074,7.5,0.0,1.0,0.0,1.0,1,2022-08-18,0.0,,1.0,2018-08-29,,"FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37061,FLiR,0.97481,9.8,0.0,1.0,0.0,1.0,1,2022-08-18,0.0,,1.0,2018-08-29,,All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-37062,FLiR,0.00523,7.5,0.0,1.0,0.0,1.0,1,2022-08-18,0.0,,1.0,2018-08-29,,"All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*', 'cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-37063,FLiR,0.00091,5.4,0.0,1.0,0.0,1.0,1,2022-08-18,0.0,,1.0,2018-08-29,,All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*']",0,0
CVE-2018-13022,Xiaomi,0.00107,6.1,0.0,1.0,0.0,1.0,1,2018-11-27,0.0,,0.0,,,Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:mi:miwifi_os:2.22.15:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mi_router_3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16130,Xiaomi,0.0105,8.8,0.0,1.0,0.0,1.0,1,2018-11-27,0.0,,0.0,,,"System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the ""payload"" URL parameter.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:mi:miwifi_os:2.22.15:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mi_router_3:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19939,Xiaomi,0.0009,7.5,0.0,1.0,0.0,0.0,1,2018-12-07,0.0,,0.0,,,The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:h:mi:mi_a2_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:mi_a2_lite_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_6_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-20523,Xiaomi,0.01172,5.3,1.0,1.0,1.0,1.0,1,2019-06-07,1.0,2018-12-27,,,1.0,"Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-77'],"['cpe:2.3:a:mi:stock_browser:10.2.4g:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_7_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_7:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_6_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_6_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_6a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_6a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_s2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_5_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_5_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_k20_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_k20_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_k20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_k20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_7a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_7a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_go_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_go:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_5_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_y3_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_y3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_7s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_7s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_s2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_s2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_4a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_4a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_5_plus_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_5_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_note_5a_prime_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_5a_prime:-:*:*:*:*:*:*:*']",1,0
CVE-2019-15340,Xiaomi,0.00044,3.3,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) that allows any app co-located on the device to programmatically disable and enable Wi-Fi, Bluetooth, and GPS without the corresponding access permission through an exported interface.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-732'],"['cpe:2.3:o:mi:redmi_6_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15428,Xiaomi,0.00044,3.3,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-610'],"['cpe:2.3:o:mi:note_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:note_2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15466,Xiaomi,0.00044,3.3,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812191721) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-610'],"['cpe:2.3:o:mi:redmi_6_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_6_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15467,Xiaomi,0.00044,3.3,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=A2060_201801032053) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,LOW,NONE,LOW,1.8,1.4,['CWE-610'],"['cpe:2.3:o:mi:mix_2s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mix_2s:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15470,Xiaomi,0.00044,5.5,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that export their capabilities to other pre-installed app. This app allows a third-party app to use its open interface to record telephone calls to external storage.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:redmi_note_6_pro_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_6_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15915,Xiaomi,0.00114,7.5,0.0,1.0,0.0,1.0,1,2019-12-20,0.0,,0.0,,,"An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. Attackers can utilize the ""discover ZigBee network procedure"" to perform a denial of service attack.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:mi:dgnwg03lm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:dgnwg03lm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:zncz03lm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:zncz03lm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:mccgq01lm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mccgq01lm:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:rtcgq01lm_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:rtcgq01lm:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18371,Xiaomi,0.03112,7.5,0.0,1.0,0.0,1.0,1,2019-10-23,0.0,,0.0,,,"An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:mi:millet_router_3g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:millet_router_3g:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10262,Xiaomi,0.00218,6.8,0.0,1.0,0.0,0.0,1,2020-04-08,0.0,,0.0,,,"An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro (LX06), (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’s SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:xiaomi_xiaoai_speaker_pro_lx06_firmware:1.58.10:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_xiaoai_speaker_pro_lx06:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10263,Xiaomi,0.00218,6.8,0.0,1.0,0.0,1.0,1,2020-04-08,0.0,,0.0,,,"An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, (iv) eavesdrop on users and record what XIAOMI XIAOAI speaker Pro LX06 hears, (v) modify system files, (vi) use commands to send any IR code through IR emitter on XIAOMI XIAOAI Speaker Pro LX06, (vii) stop voice assistant service, (viii) enable the XIAOMI XIAOAI Speaker Pro’ SSH or TELNET service as a backdoor, (IX) tamper with the router configuration of the router in the local area networks.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-306'],"['cpe:2.3:o:mi:xiaomi_xiaoai_speaker_pro_lx06_firmware:1.52.4:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_xiaoai_speaker_pro_lx06:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10561,Xiaomi,0.0022,9.8,0.0,1.0,0.0,0.0,1,2020-06-24,0.0,,0.0,,,"An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters to ippserver through the web management background, resulting in command execution vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:mi:mijia_inkjet_printer_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mijia_inkjet_printer:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14094,Xiaomi,0.01044,9.8,0.0,1.0,0.0,0.0,1,2020-06-24,0.0,,0.0,,,"In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:mi:xiaomi_r3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:xiaomi_r3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14095,Xiaomi,0.00528,9.8,0.0,1.0,0.0,0.0,1,2020-06-24,0.0,,0.0,,,"In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:h:mi:xiaomi_r3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:xiaomi_r3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14100,Xiaomi,0.01754,9.8,0.0,1.0,0.0,0.0,1,2020-09-11,0.0,,0.0,,,"In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:h:mi:r3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:r3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14103,Xiaomi,0.00066,5.5,0.0,1.0,0.0,1.0,1,2021-04-08,0.0,,0.0,,,"The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:miui:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:mi_10:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14106,Xiaomi,0.00066,5.5,0.0,0.0,0.0,1.0,1,2021-04-08,0.0,,0.0,,,"The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-863'],['cpe:2.3:o:mi:miui:*:*:*:*:*:*:*:*'],0,0
CVE-2020-14111,Xiaomi,0.00044,7.8,0.0,1.0,0.0,1.0,1,2022-03-10,0.0,,0.0,,,A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-345'],"['cpe:2.3:h:mi:ax3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14112,Xiaomi,0.00073,5.3,0.0,1.0,0.0,1.0,1,2022-03-10,1.0,2022-03-07,,,1.0,Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-200'],"['cpe:2.3:h:mi:ax6000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax6000_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14119,Xiaomi,0.00207,9.8,0.0,1.0,0.0,0.0,1,2021-09-16,1.0,2021-08-25,,,1.0,"There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:h:mi:ax3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax3600:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14124,Xiaomi,0.00384,9.8,0.0,1.0,0.0,1.0,1,2021-09-16,1.0,2021-08-25,,,1.0,"There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:h:mi:ax3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8994,Xiaomi,0.00353,6.8,0.0,1.0,0.0,1.0,1,2020-03-05,0.0,,0.0,,,"An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAOMI speakers' voice achieve social engineering attacks, eavesdrop on users and record what XIAOMI AI speaker hears, delete the entire XIAOMI AI speaker system, modify system files, stop voice assistant service, start the XIAOMI AI speaker’s SSH service as a backdoor",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-287'],"['cpe:2.3:h:mi:mdz-25-dt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:mdz-25-dt_firmware:1.34.36:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:mdz-25-dt_firmware:1.40.14:*:*:*:*:*:*:*']",0,0
CVE-2020-9530,Xiaomi,0.00317,6.5,0.0,0.0,0.0,1.0,1,2020-03-06,1.0,2020-03-12,,,0.0,"An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(com.xiaomi.mipicks) mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView component of Messaging(com.android.MMS) and loading malicious web pages, information leakage can occur. This is fixed on version: 2001122; 11.0.1.54.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-94'],['cpe:2.3:o:mi:miui_firmware:11.0.5.0.qfaeuxm:*:*:*:*:*:*:*'],0,0
CVE-2020-9531,Xiaomi,0.00304,7.3,0.0,1.0,0.0,1.0,1,2020-03-06,1.0,2020-03-12,,,0.0,"An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user's unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122.",CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.1,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:miui_firmware:11.0.5.0.qfaeuxm:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:miui:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6065,Xiaomi,0.96458,8.8,1.0,0.0,1.0,0.0,0,2018-11-14,1.0,2019-06-14,,,0.0,Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-190'],"['cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:mi:mi6_browser:-:*:*:*:*:*:*:*']",1,1
CVE-2019-10875,Xiaomi,0.00763,6.5,0.0,0.0,1.0,0.0,0,2019-04-05,1.0,2019-04-08,,,0.0,"A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the ""q"" query parameter. The portion of an https URL before the ?q= substring is not shown to the user.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-290'],"['cpe:2.3:a:mi:mi_browser:10.5.6-g:*:*:*:*:*:*:*', 'cpe:2.3:a:mi:mint_browser:1.5.3:*:*:*:*:*:*:*']",0,0
CVE-2019-12500,Xiaomi,0.00058,6.5,0.0,1.0,0.0,0.0,0,2019-05-31,0.0,,0.0,,,"The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of ""suddenly accelerate"" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-306'],"['cpe:2.3:h:mi:m365:2019-02-12:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:m365_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-13321,Xiaomi,0.00086,8.0,0.0,0.0,1.0,0.0,0,2020-02-10,1.0,2020-02-10,,,1.0,This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of HTTP responses to the Captive Portal. A crafted HTML response can cause the Captive Portal to to open a browser to a specified location without user interaction. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7467.,CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-732'],['cpe:2.3:a:mi:mi_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2019-13322,Xiaomi,0.01129,8.8,0.0,0.0,1.0,0.0,0,2020-02-10,1.0,2020-02-10,,,1.0,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the miui.share application. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary application download. An attacker can leverage this vulnerability to execute code in the context of the user. Was ZDI-CAN-7483.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-20', 'CWE-356']",['cpe:2.3:a:mi:mi_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2019-6743,Xiaomi,0.01229,8.8,0.0,0.0,1.0,0.0,0,2019-06-03,1.0,2019-06-14,,,0.0,"This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WebAssembly.Instance method. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7466.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],['cpe:2.3:a:mi:mi6_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2020-11959,Xiaomi,0.00168,7.5,0.0,1.0,0.0,0.0,0,2020-06-24,0.0,,0.0,,,An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:xiaomi_r3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_r3600:-:*:*:*:*:*:*:*']",0,0
CVE-2020-11960,Xiaomi,0.00222,9.8,0.0,1.0,0.0,0.0,0,2020-06-24,0.0,,0.0,,,"Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:xiaomi_r3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_r3600:-:*:*:*:*:*:*:*']",0,0
CVE-2020-11961,Xiaomi,0.00168,7.5,0.0,1.0,0.0,0.0,0,2020-06-24,0.0,,0.0,,,Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:mi:xiaomi_r3600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_r3600:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14096,Xiaomi,0.00222,9.8,0.0,1.0,0.0,1.0,0,2020-09-11,0.0,,0.0,,,Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:mi:xiaomi_ai_speaker_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_ai_speaker:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14097,Xiaomi,0.00084,7.5,0.0,1.0,0.0,1.0,0,2021-01-13,0.0,,0.0,,,"Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version < 1.0.18.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:mi:redmi_ax6:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:redmi_ax6_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14098,Xiaomi,0.00073,7.5,0.0,1.0,0.0,1.0,0,2021-01-13,0.0,,0.0,,,The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-662'],"['cpe:2.3:o:mi:ax1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:ax1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:rm1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:rm1800:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14099,Xiaomi,0.00107,7.5,0.0,1.0,0.0,1.0,0,2021-04-08,0.0,,0.0,,,"On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:h:mi:ax1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:rm1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:rm1800_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14101,Xiaomi,0.0019,7.5,0.0,1.0,0.0,1.0,0,2021-01-13,0.0,,0.0,,,The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:mi:ax1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:ax1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:rm1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:rm1800:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14102,Xiaomi,0.0011,7.2,0.0,1.0,0.0,1.0,0,2021-01-13,0.0,,0.0,,,"There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-77'],"['cpe:2.3:o:mi:ax1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:ax1800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:rm1800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:rm1800:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14110,Xiaomi,0.00044,7.8,0.0,1.0,0.0,1.0,0,2022-01-18,0.0,,0.0,,,AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-863'],"['cpe:2.3:h:mi:ax3600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:ax3600_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14116,Xiaomi,0.00073,7.5,0.0,0.0,1.0,0.0,0,2022-04-21,0.0,,0.0,,,An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the Mi Browser does not verify the validity of the incoming data. Attackers can perform sensitive operations by exploiting this.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-345'],['cpe:2.3:a:mi:mi_browser:*:*:*:*:*:*:*:*'],0,0
CVE-2020-14120,Xiaomi,0.00201,8.8,0.0,0.0,0.0,1.0,0,2022-04-21,1.0,2022-04-14,,,1.0,"Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by the lack of checksum when using a three-party application to pass in parameters, and attackers can induce users to install a malicious app and use the vulnerability to achieve elevated privileges, making the normal services of the system affected.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-354'],['cpe:2.3:o:mi:miui:12.5:*:*:*:*:*:*:*'],0,0
CVE-2020-14121,Xiaomi,0.00042,5.5,0.0,0.0,1.0,0.0,0,2022-04-21,1.0,2022-04-14,,,1.0,"A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete permission checks of the products being bypassed, and an attacker can exploit the vulnerability to perform a local silent installation.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.8,3.6,['CWE-863'],['cpe:2.3:a:mi:mi_app_store:4.12.2:*:*:*:*:*:*:*'],0,0
CVE-2020-14122,Xiaomi,0.00044,5.5,0.0,0.0,0.0,1.0,0,2022-04-21,1.0,2022-04-14,,,1.0,"Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-345'],['cpe:2.3:o:mi:miui:12.5.2:*:*:*:*:*:*:*'],0,0
CVE-2020-14123,Xiaomi,0.00089,7.5,0.0,0.0,0.0,1.0,0,2022-04-22,1.0,2022-04-22,,,1.0,"There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the memory pointer is copied to two function modules, and an attacker can cause the pointer to be repeatedly released through malicious operations, resulting in the affected module crashing and affecting normal functionality, and if successfully exploited the vulnerability can cause elevation of privileges.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-415'],['cpe:2.3:o:mi:miui:12.5.2:*:*:*:*:*:*:*'],0,0
CVE-2020-14125,Xiaomi,0.00089,7.5,0.0,0.0,0.0,1.0,0,2022-06-08,1.0,2022-06-06,,,1.0,A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-125'],"['cpe:2.3:h:mi:redmi_note_11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_9t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:miui:*:*:*:*:*:*:*:*']",0,0
CVE-2020-14127,Xiaomi,0.00178,7.5,0.0,1.0,0.0,1.0,0,2022-07-14,1.0,2022-06-06,,,1.0,A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by attackers to make remote denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-787'],"['cpe:2.3:o:mi:miui:*:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_k40:-:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:redmi_note_10_pro:-:*:*:*:*:*:*:*']",0,0
CVE-2021-31610,Xiaomi,0.00091,6.5,0.0,1.0,0.0,1.0,0,2021-09-07,0.0,,0.0,,,"The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:mi:mi_true_wireless_earbuds_basic_2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:mi:mi_true_wireless_earbuds_basic_2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bluetrum:ab5376t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bluetrum:ab5376t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:bluetrum:bt8896a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:bluetrum:bt8896a_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2022-31277,Xiaomi,0.00081,8.8,0.0,1.0,0.0,1.0,0,2022-06-16,0.0,,0.0,,,Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-294'],"['cpe:2.3:o:mi:xiaomi_lamp_1_firmware:2.0.4_0066:*:*:*:*:*:*:*', 'cpe:2.3:h:mi:xiaomi_lamp_1:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14899,Seiko Epson,0.00152,6.1,0.0,1.0,0.0,1.0,1,2018-08-30,0.0,,0.0,,,"On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:epson:wf-2750_firmware:jp02l2:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:wf-2750:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14900,Seiko Epson,0.00209,7.5,0.0,1.0,0.0,1.0,1,2018-08-30,0.0,,0.0,,,"On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-417'],"['cpe:2.3:o:epson:wf-2750_firmware:jp02l2:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:wf-2750:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14903,Seiko Epson,0.00209,7.5,0.0,1.0,0.0,1.0,1,2018-08-30,0.0,,0.0,,,"EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-346'],"['cpe:2.3:o:epson:wf-2750_firmware:jp02l2:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:wf-2750:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18959,Seiko Epson,0.00161,7.5,0.0,1.0,0.0,1.0,1,2018-12-24,0.0,,0.0,,,"An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATION/BONJOUR is more than 251 bytes when sending data for Air Print Setting, then the device no longer functions until a reboot.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-119'],"['cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.48_lq22i3:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.51.lq20i6:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.52.lq17ia:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:epson_workforce_wf-2861:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18960,Seiko Epson,0.00161,5.9,0.0,1.0,0.0,1.0,1,2018-12-24,0.0,,0.0,,,"An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find certain devices on the network, but the default version is v2c, allowing an amplification attack.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-400'],"['cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.48_lq22i3:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.51.lq20i6:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.52.lq17ia:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:epson_workforce_wf-2861:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19232,Seiko Epson,0.00232,7.5,0.0,1.0,0.0,1.0,1,2018-12-24,0.0,,0.0,,,"The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to cause a denial of service via a FIRMWAREUPDATE GET request, as demonstrated by the /DOWN/FIRMWAREUPDATE/ROM1 URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.48_lq22i3:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.51.lq20i6:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.52.lq17ia:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:epson_workforce_wf-2861:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19248,Seiko Epson,0.00249,9.1,0.0,1.0,0.0,1.0,1,2018-12-24,0.0,,0.0,,,"The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request to the /FIRMWAREUPDATE URI.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['CWE-306'],"['cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.48_lq22i3:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.51.lq20i6:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:epson_workforce_wf-2861_firmware:10.52.lq17ia:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:epson_workforce_wf-2861:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12695,Seiko Epson,0.00547,7.5,0.0,1.0,0.0,0.0,1,2020-06-08,0.0,,0.0,,,"The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H,NETWORK,HIGH,NONE,NONE,CHANGED,LOW,NONE,HIGH,HIGH,2.2,4.7,['CWE-276'],"['cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*', 'cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*', 'cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*', 'cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*', 'cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*', 'cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*', 'cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*', 'cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*']",0,0
CVE-2020-5674,Seiko Epson,0.00148,7.8,0.0,1.0,1.0,1.0,1,2020-11-24,1.0,2020-11-20,,,1.0,Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:epson:album_print:-:*:*:*:*:update_program:*:*', 'cpe:2.3:a:epson:color_calibration_utility:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:colorbase:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:colorio_easy_print:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:connect:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:creativity_suite:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:e-photo:-:*:*:*:*:camera_raw:*:*', 'cpe:2.3:a:epson:e-photo:-:*:*:*:*:picture_motion_browser:*:*', 'cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:-:*:*', 'cpe:2.3:a:epson:easy_photo_print:-:*:*:*:*:camera_raw:*:*', 'cpe:2.3:a:epson:easy_settings:-:*:*:*:*:office:*:*', 'cpe:2.3:a:epson:imaging_workshop:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:link2:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:multi-print_quicker:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:epson:net_config:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:net_config_se:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:net_print:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:net_software_development_kit:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:photolier:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:photoquicker:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:photostarter:3.1:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:pm-t990_integrated_installer:-:*:*:*:*:windows:*:*', 'cpe:2.3:a:epson:print:-:*:*:*:*:playmemories_home:*:*', 'cpe:2.3:a:epson:print:-:*:*:*:*:silkypix:*:*', 'cpe:2.3:a:epson:print:-:*:*:*:*:viewnx:*:*', 'cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:print_layout:-:*:*:*:*:photoshop:*:*', 'cpe:2.3:a:epson:prolab_print:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:prolab_print:-:*:*:*:*:camera_raw:*:*', 'cpe:2.3:a:epson:remote_printer_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:scan_icm_updater:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:scanner_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:web_to_page:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:webconfig:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:universal_print_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*', 'cpe:2.3:a:epson:status_monitor_2:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:status_monitor_3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ec-01_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ec-01:-:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:print_image_framer_tool:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*', 'cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*']",0,0
CVE-2020-6091,Seiko Epson,0.00233,9.1,0.0,1.0,0.0,1.0,1,2020-05-22,1.0,2020-10-08,,,0.0,An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,"['CWE-287', 'CWE-288']","['cpe:2.3:h:epson:eb-1470ui:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:eb-1470ui_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2017-12860,Seiko Epson,0.00284,9.8,0.0,0.0,1.0,0.0,0,2017-10-10,0.0,,0.0,,,"The Epson ""EasyMP"" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded ""backdoor"" code (2270), which authenticates to all devices.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],['cpe:2.3:a:epson:easymp:2.86:*:*:*:*:*:*:*'],0,0
CVE-2017-12861,Seiko Epson,0.00308,9.8,0.0,0.0,1.0,0.0,0,2017-10-10,0.0,,0.0,,,"The Epson ""EasyMP"" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the ""EasyMP"" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-521'],['cpe:2.3:a:epson:easymp:2.86:*:*:*:*:*:*:*'],0,0
CVE-2017-6443,Seiko Epson,0.0018,6.1,1.0,0.0,1.0,0.0,0,2017-03-15,0.0,,0.0,,,Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:epson:tmnet_webconfig:1.00:*:*:*:*:*:*:*'],1,0
CVE-2018-0688,Seiko Epson,0.00103,6.1,0.0,1.0,0.0,0.0,0,2019-01-09,1.0,2018-12-03,,,1.0,"Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions released prior to 2017 November 2, EW-M660FT firmware versions released prior to 2018 April 19, EW-M770T firmware versions released prior to 2017 September 6, PF-70 firmware versions released prior to 2018 April 20, PF-71 firmware versions released prior to 2017 July 18, PF-81 firmware versions released prior to 2017 September 14, PX-048A firmware versions released prior to 2017 July 4, PX-049A firmware versions released prior to 2017 September 11, PX-437A firmware versions released prior to 2017 July 24, PX-M350F firmware versions released prior to 2018 February 23, PX-M5040F firmware versions released prior to 2017 November 20, PX-M5041F firmware versions released prior to 2017 November 20, PX-M650A firmware versions released prior to 2017 October 17, PX-M650F firmware versions released prior to 2017 October 17, PX-M680F firmware versions released prior to 2017 June 29, PX-M7050F firmware versions released prior to 2017 October 13, PX-M7050FP firmware versions released prior to 2017 October 13, PX-M7050FX firmware versions released prior to 2017 November 7, PX-M7070FX firmware versions released prior to 2017 April 27, PX-M740F firmware versions released prior to 2017 December 4, PX-M741F firmware versions released prior to 2017 December 4, PX-M780F firmware versions released prior to 2017 June 29, PX-M781F firmware versions released prior to 2017 June 27, PX-M840F firmware versions released prior to 2017 November 16, PX-M840FX firmware versions released prior to 2017 December 8, PX-M860F firmware versions released prior to 2017 October 25, PX-S05B/W firmware versions released prior to 2018 March 9, PX-S350 firmware versions released prior to 2018 February 23, PX-S5040 firmware versions released prior to 2017 November 20, PX-S7050 firmware versions released prior to 2018 February 21, PX-S7050PS firmware versions released prior to 2018 February 21, PX-S7050X firmware versions released prior to 2017 November 7, PX-S7070X firmware versions released prior to 2017 April 27, PX-S740 firmware versions released prior to 2017 December 3, PX-S840 firmware versions released prior to 2017 November 16, PX-S840X firmware versions released prior to 2017 December 8, PX-S860 firmware versions released prior to 2017 December 7) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the web interface of the affected product.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],"['cpe:2.3:h:epson:ds-570w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ds-570w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ds-780n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ds-780n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-10va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-10va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-30va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-30va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-707a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-707a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-708a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-708a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-709a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-709a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-777a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-777a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-907f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-907f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-977a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-977a3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-978a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-978a3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-979a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-979a3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-m570t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-m570t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m5071ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m5071ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m660ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m660ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m770t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m770t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-71_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-71:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-81_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-81:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-048a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-048a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-049a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-049a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-437a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-437a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m350f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m350f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m5040f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m5040f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m5041f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m5041f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m650a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m650a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m650f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m650f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m680f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m680f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7070fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7070fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m740f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m740f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m781f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m781f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m840f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m840f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m840fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m840fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m860f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m860f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s05b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s05b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s05w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s05w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050ps_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050ps:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7070x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7070x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s840_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s840:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s840x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s840x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s860_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s860:-:*:*:*:*:*:*:*']",0,0
CVE-2018-0689,Seiko Epson,0.00219,8.8,0.0,1.0,0.0,0.0,0,2019-01-09,1.0,2018-12-03,,,1.0,"HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions released prior to 2017 November 2, EW-M660FT firmware versions released prior to 2018 April 19, EW-M770T firmware versions released prior to 2017 September 6, PF-70 firmware versions released prior to 2018 April 20, PF-71 firmware versions released prior to 2017 July 18, PF-81 firmware versions released prior to 2017 September 14, PX-048A firmware versions released prior to 2017 July 4, PX-049A firmware versions released prior to 2017 September 11, PX-437A firmware versions released prior to 2017 July 24, PX-M350F firmware versions released prior to 2018 February 23, PX-M5040F firmware versions released prior to 2017 November 20, PX-M5041F firmware versions released prior to 2017 November 20, PX-M650A firmware versions released prior to 2017 October 17, PX-M650F firmware versions released prior to 2017 October 17, PX-M680F firmware versions released prior to 2017 June 29, PX-M7050F firmware versions released prior to 2017 October 13, PX-M7050FP firmware versions released prior to 2017 October 13, PX-M7050FX firmware versions released prior to 2017 November 7, PX-M7070FX firmware versions released prior to 2017 April 27, PX-M740F firmware versions released prior to 2017 December 4, PX-M741F firmware versions released prior to 2017 December 4, PX-M780F firmware versions released prior to 2017 June 29, PX-M781F firmware versions released prior to 2017 June 27, PX-M840F firmware versions released prior to 2017 November 16, PX-M840FX firmware versions released prior to 2017 December 8, PX-M860F firmware versions released prior to 2017 October 25, PX-S05B/W firmware versions released prior to 2018 March 9, PX-S350 firmware versions released prior to 2018 February 23, PX-S5040 firmware versions released prior to 2017 November 20, PX-S7050 firmware versions released prior to 2018 February 21, PX-S7050PS firmware versions released prior to 2018 February 21, PX-S7050X firmware versions released prior to 2017 November 7, PX-S7070X firmware versions released prior to 2017 April 27, PX-S740 firmware versions released prior to 2017 December 3, PX-S840 firmware versions released prior to 2017 November 16, PX-S840X firmware versions released prior to 2017 December 8, PX-S860 firmware versions released prior to 2017 December 7) may allow a remote attackers to lead a user to a phishing site or execute an arbitrary script on the user's web browser.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-113'],"['cpe:2.3:h:epson:ds-570w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ds-570w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ds-780n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ds-780n_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-10va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-10va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-30va:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-30va_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-707a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-707a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-708a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-708a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-709a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-709a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-777a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-777a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-807ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-807ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-808ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-808ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879ab_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879ab:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879aw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879aw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-879ar_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-879ar:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-907f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-907f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-977a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-977a3:-:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-978a3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-978a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-979a3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-979a3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ep-m570t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ep-m570t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m5071ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m5071ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m660ft_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m660ft:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:ew-m770t_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:ew-m770t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-70_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-70:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-71_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-71:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:pf-81_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:pf-81:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-048a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-048a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-049a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-049a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-437a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-437a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m350f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m350f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m5040f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m5040f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m5041f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m5041f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m650a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m650a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m650f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m650f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m680f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m680f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050fp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050fp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7050fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7050fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m7070fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m7070fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m740f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m740f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m781f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m781f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m840f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m840f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m840fx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m840fx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-m860f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-m860f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s05b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s05b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s05w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s05w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s350_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s5040_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s5040:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050ps_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050ps:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7050x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7050x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s7070x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s7070x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s740_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s740:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s840_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s840:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s840x_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s840x:-:*:*:*:*:*:*:*', 'cpe:2.3:o:epson:px-s860_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:px-s860:-:*:*:*:*:*:*:*']",0,0
CVE-2018-14901,Seiko Epson,0.00832,7.5,0.0,0.0,1.0,0.0,0,2018-08-30,0.0,,0.0,,,"The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],['cpe:2.3:a:epson:iprint:6.6.3:*:*:*:*:android:*:*'],0,0
CVE-2018-14902,Seiko Epson,0.00832,7.5,0.0,0.0,1.0,0.0,0,2018-08-30,0.0,,0.0,,,The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],['cpe:2.3:a:epson:iprint:6.6.3:*:*:*:*:android:*:*'],0,0
CVE-2020-28929,Seiko Epson,0.0069,9.8,0.0,1.0,0.0,1.0,0,2020-12-16,0.0,,0.0,,,Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:epson:eps_tse_server_8_firmware:21.0.11:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:eps_tse_server_8:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28930,Seiko Epson,0.00082,5.4,0.0,1.0,0.0,1.0,0,2020-12-16,0.0,,0.0,,,A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:epson:eps_tse_server_8_firmware:21.0.11:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:eps_tse_server_8:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28931,Seiko Epson,0.00177,8.8,0.0,1.0,0.0,1.0,0,2020-12-16,0.0,,0.0,,,Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by visiting a malicious website.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:epson:eps_tse_server_8_firmware:21.0.11:*:*:*:*:*:*:*', 'cpe:2.3:h:epson:eps_tse_server_8:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5681,Seiko Epson,0.00099,7.8,0.0,0.0,1.0,0.0,0,2020-12-24,1.0,2020-12-18,,,1.0,"Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-427'],"['cpe:2.3:a:epson:epsonnet_setupmanager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:epson:offirio_synergyware_printdirector:*:*:*:*:*:*:*:*']",0,0
CVE-2020-9014,Seiko Epson,0.00042,5.5,0.0,0.0,1.0,0.0,0,2021-02-05,0.0,,1.0,2020-03-31,,"In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly affected.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:epson:iprojection:*:*:*:*:*:*:*:*'],0,0
CVE-2020-9453,Seiko Epson,0.00042,5.5,0.0,0.0,1.0,0.0,0,2021-02-05,0.0,,1.0,2020-03-31,,"In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer dereference.) This affects \Device\EMPMPAUIO and \DosDevices\EMPMPAU.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,1.8,3.6,['CWE-476'],['cpe:2.3:a:epson:iprojection:*:*:*:*:*:*:*:*'],0,0
CVE-2018-15356,Eltex,0.00115,8.8,0.0,1.0,0.0,1.0,1,2018-08-17,1.0,2018-08-17,,,1.0,An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15357,Eltex,0.00065,6.5,0.0,1.0,0.0,1.0,1,2018-08-17,1.0,2018-08-17,,,1.0,An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15358,Eltex,0.00094,8.8,0.0,1.0,0.0,1.0,1,2018-08-17,1.0,2018-08-17,,,1.0,An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-20'],"['cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15359,Eltex,0.00099,8.8,0.0,1.0,0.0,1.0,1,2018-08-17,1.0,2018-08-17,,,1.0,An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15360,Eltex,0.00074,7.3,0.0,1.0,0.0,1.0,1,2018-08-17,1.0,2018-08-17,,,1.0,An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,LOW,LOW,HIGH,3.9,3.4,['CWE-798'],"['cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9026,Eltex,0.01346,9.8,0.0,1.0,0.0,1.0,1,2020-02-17,0.0,,0.0,,,ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:eltex-co:ntp-2_firmware:3.25.1.1226:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex-co:ntp-2:1v5\\:b\\+10:*:*:*:*:*:*:*', 'cpe:2.3:o:eltex-co:ntp-rg-1402g_firmware:3.25.3.32:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex-co:ntp-rg-1402g:1v10:*:*:*:*:*:*:*']",0,0
CVE-2020-9027,Eltex,0.01346,9.8,0.0,1.0,0.0,1.0,1,2020-02-17,0.0,,0.0,,,ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:eltex-co:ntp-2_firmware:3.25.1.1226:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex-co:ntp-2:1v5\\:b\\+10:*:*:*:*:*:*:*', 'cpe:2.3:o:eltex-co:ntp-rg-1402g_firmware:3.25.3.32:*:*:*:*:*:*:*', 'cpe:2.3:h:eltex-co:ntp-rg-1402g:1v10:*:*:*:*:*:*:*']",0,0
CVE-2018-15530,XEROX,0.00087,6.1,0.0,1.0,0.0,1.0,1,2019-05-13,1.0,2018-10-09,,,1.0,Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:xerox:colorqube_8580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_8580:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17172,XEROX,0.00271,9.8,0.0,1.0,0.0,1.0,1,2019-01-03,1.0,2019-01-02,,,1.0,"The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-13165,XEROX,0.00381,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*']",0,0
CVE-2019-13166,XEROX,0.00178,7.5,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-307'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13168,XEROX,0.00381,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13169,XEROX,0.00472,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13170,XEROX,0.00053,6.5,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13171,XEROX,0.00472,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,"Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13172,XEROX,0.00499,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-17184,XEROX,0.00244,9.8,0.0,1.0,0.0,1.0,1,2019-10-04,0.0,,0.0,,,Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:xerox:atlalink_firmware:101.008.089.22600:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:atlalink_firmware:101.001.089.22600:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:atlalink_firmware:101.002.089.22600:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:atlalink_firmware:101.003.089.22600:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:atlalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19832,XEROX,0.00118,8.8,0.0,1.0,0.0,1.0,1,2019-12-18,0.0,,0.0,,,Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.),CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:xerox:altalink_c8035_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*']",0,0
CVE-2016-11061,XEROX,0.00222,9.8,0.0,1.0,0.0,1.0,0,2020-04-29,0.0,,0.0,,,"Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5945_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5945:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5955_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5945i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5945i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5955i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5955i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7200i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7200i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20767,XEROX,0.00156,8.8,0.0,1.0,0.0,1.0,0,2019-02-10,0.0,,0.0,,,"An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-20'],"['cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20768,XEROX,0.00179,9.8,0.0,1.0,0.0,1.0,0,2019-02-10,0.0,,0.0,,,"An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],"['cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20769,XEROX,0.00244,7.5,0.0,1.0,0.0,1.0,0,2019-02-10,0.0,,0.0,,,"An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20770,XEROX,0.00138,9.8,0.0,1.0,0.0,1.0,0,2019-02-10,0.0,,0.0,,,"An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2018-20771,XEROX,0.00555,9.8,0.0,1.0,0.0,1.0,0,2019-02-10,0.0,,0.0,,,"An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5900i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5900i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10880,XEROX,0.00213,9.8,0.0,1.0,0.0,1.0,0,2019-04-12,0.0,,0.0,,,"Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the ""nobody"" user through a crafted ""HTTP"" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:xerox:colorqube_8700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:colorqube_8700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_8900:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:colorqube_8900_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_9301:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:colorqube_9301_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_9302:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:colorqube_9302_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_9303:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:colorqube_9303_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-13167,XEROX,0.00096,6.1,0.0,1.0,0.0,1.0,0,2020-03-13,0.0,,0.0,,,"Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18628,XEROX,0.00061,4.9,0.0,1.0,0.0,1.0,0,2021-03-04,0.0,,0.0,,,"Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18629,XEROX,0.00244,8.1,0.0,1.0,0.0,1.0,0,2021-03-04,1.0,2021-03-20,,,0.0,Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a compromised private key.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18630,XEROX,0.00168,7.5,0.0,1.0,0.0,1.0,0,2021-03-04,1.0,2021-03-03,,,1.0,"On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-312'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2020-26162,XEROX,0.00084,6.1,0.0,1.0,0.0,1.0,0,2020-10-09,0.0,,0.0,,,Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2020-36201,XEROX,0.00168,7.5,0.0,1.0,0.0,1.0,0,2021-01-26,0.0,,0.0,,,"An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-327'],"['cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5865i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5865i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5875i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5875i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5945:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5945_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5955_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5945i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5945i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5955i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5955i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5890i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5890i:-:*:*:*:*:*:*:*']",0,0
CVE-2020-9330,XEROX,0.00109,8.8,0.0,1.0,0.0,1.0,0,2020-02-21,0.0,,0.0,,,"Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-306'],"['cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5945:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5945_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_5955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_5955_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28668,XEROX,0.00138,9.8,0.0,1.0,0.0,1.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-89'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28669,XEROX,0.0007,7.5,0.0,1.0,0.0,1.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to set configuration attributes without administrative rights.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-862'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28670,XEROX,0.00103,9.1,0.0,1.0,0.0,1.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.32000 and C8070 before 103.003.030.32000 allow unauthorized users, by leveraging the Scan To Mailbox feature, to delete arbitrary files from the disk.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['NVD-CWE-noinfo'],"['cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8045:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8055:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8055_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:altalink_c8070:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:altalink_c8070_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28671,XEROX,0.00411,9.8,0.0,1.0,0.0,0.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 have a remote Command Execution vulnerability in the Web User Interface that allows remote attackers with ""a weaponized clone file"" to execute arbitrary commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28672,XEROX,0.00659,9.8,0.0,1.0,0.0,0.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 allows remote attackers to execute arbitrary code through a buffer overflow in Web page parameter handling.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28673,XEROX,0.00346,9.8,0.0,1.0,0.0,0.0,0,2021-03-29,1.0,2021-03-18,,,1.0,"Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B400 before 37.61.23 and 37.59.01 (Bridge), B405 before 38.61.23 and 38.59.01 (Bridge), B600/B610 before 32.61.23 and 32.59.01 (Bridge), B605/B615 before 33.61.23 and 33.59.01 (Bridge), B7025/30/35 before 58.61.23 and 58.59.11 (Bridge), C400 before 67.61.23 and 67.59.01 (Bridge), C405 before 68.61.23 and 68.59.01 (Bridge), C500/C600 before 61.61.23 and 61.59.01 (Bridge), C505/C605 before 62.61.23 and 62.59.11 (Bridge), C7000 before 56.61.23 and 56.59.01 (Bridge), C7020/25/30 before 57.61.23 and 57.59.01 (Bridge), C8000/C9000 before 70.61.23 and 70.59.01 (Bridge), allows remote attackers with ""a weaponized clone file"" to execute arbitrary commands in the Web User Interface.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*']",0,0
CVE-2021-37354,XEROX,0.00285,9.8,0.0,1.0,0.0,1.0,0,2022-02-15,0.0,,0.0,,,Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub_3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:xerox:phaser_4622_firmware:35.013.01.000:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:phaser_4622:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23320,XEROX,0.00153,7.5,0.0,0.0,1.0,0.0,0,2022-02-07,0.0,,0.0,,,"XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. Since the application ships with default administrative credentials, an attacker may authenticate into the application and exfiltrate sensitive information from the database.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],['cpe:2.3:a:xerox:xmpie_ustore:12.3.7244.0:*:*:*:*:*:*:*'],0,0
CVE-2022-23321,XEROX,0.00067,4.8,0.0,0.0,1.0,0.0,0,2022-02-10,0.0,,0.0,,,A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0.,CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,HIGH,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,1.7,2.7,['CWE-79'],['cpe:2.3:a:xerox:xmpie_ustore:12.3.7244.0:*:*:*:*:*:*:*'],0,0
CVE-2022-23968,XEROX,0.00185,7.5,0.0,1.0,0.0,0.0,0,2022-01-26,0.0,,0.0,,,"Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as soon as the boot process finishes. However, this boot loop can be resolved by a field technician. The TIFF file must have an incomplete Image Directory. Affected firmware versions include xx.42.01 and xx.50.61. NOTE: the 2022-01-24 NeoSmart article included ""believed to affect all previous and later versions as of the date of this posting"" but a 2022-01-26 vendor statement reports ""the latest versions of firmware are not vulnerable to this issue.""",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-835'],"['cpe:2.3:o:xerox:versalink_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:xerox:versalink_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c8000w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*']",0,0
CVE-2022-26572,XEROX,0.0015,7.5,0.0,1.0,0.0,1.0,0,2022-04-04,0.0,,0.0,,,"Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to print, view the status, and obtain sensitive information.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:xerox:colorqube_8580_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:xerox:colorqube_8580:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15555,Actiontec,0.00606,9.8,0.0,1.0,0.0,1.0,1,2019-06-28,0.0,,0.0,,,"On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user ""root"" and password ""admin"" by using the enabled onboard UART headers.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-662'],"['cpe:2.3:o:actiontec:web6000q_firmware:1.1.02.22:*:*:*:*:*:*:*', 'cpe:2.3:h:actiontec:web6000q:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15556,Actiontec,0.13666,9.8,0.0,1.0,0.0,1.0,1,2019-06-27,0.0,,0.0,,,"The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user ""root"" and an empty password by using the enabled onboard UART headers.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:actiontec:web6000q_firmware:1.1.02.22:*:*:*:*:*:*:*', 'cpe:2.3:h:actiontec:web6000q:-:*:*:*:*:*:*:*']",0,0
CVE-2018-15557,Actiontec,0.00504,8.8,0.0,1.0,0.0,1.0,1,2019-06-27,0.0,,0.0,,,"An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-269'],"['cpe:2.3:o:actiontec:web6000q_firmware:1.1.02.22:*:*:*:*:*:*:*', 'cpe:2.3:h:actiontec:web6000q:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19922,Actiontec,0.00131,6.1,0.0,1.0,0.0,1.0,1,2018-12-06,0.0,,0.0,,,Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd' URL parameter in a /urlfilter.cmd POST request.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:actiontec:c1000a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:actiontec:c1000a:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12789,Actiontec,0.001,6.8,0.0,1.0,0.0,1.0,1,2019-06-17,0.0,,0.0,,,"An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, as distributed by Telus. By attaching a UART adapter to the UART pins on the system board, an attacker can use a special key sequence (Ctrl-\) to obtain a shell with root privileges. After gaining root access, the attacker can mount the filesystem read-write and make permanent modifications to the device including bricking of the device, disabling vendor management of the device, preventing automatic upgrades, and permanently installing malicious code on the device.",CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:actiontec:t2200h_firmware:t2200h-31.1238l.08:*:*:*:*:*:*:*', 'cpe:2.3:h:actiontec:t2200h:-:*:*:*:*:*:*:*']",0,0
CVE-2018-10252,Actiontec,0.00186,8.1,0.0,1.0,0.0,1.0,0,2018-05-14,0.0,,0.0,,,"An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session cookie is insecurely generated making admin session hijacking possible. When an admin logs in, a session cookie is generated using the time of day rounded to 10ms. Since the web server returns its current time of day in responses, it is possible to step backward through possible session values until a working one is found. Once a working session ID is found, an attacker then has admin control of the device and can add a secondary SSID to create a backdoor to the network.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-384'],"['cpe:2.3:h:actiontec:wcb6200q:-:*:*:*:*:*:*:*', 'cpe:2.3:o:actiontec:wcb6200q_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-15884,Ricoh,0.00106,8.8,1.0,0.0,0.0,1.0,1,2018-08-28,0.0,,0.0,,,RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:ricoh:mp_c4504ex_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c4504ex:-:*:*:*:*:*:*:*']",1,0
CVE-2018-16184,Ricoh,0.0032,9.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-07,,,1.0,"RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:h:ricoh:d2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d8400:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d8400_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2018-16185,Ricoh,0.0013,7.8,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-07,,,1.0,"RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute a malicious program.",CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-20'],"['cpe:2.3:h:ricoh:d2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d8400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d8400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d8400:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16187,Ricoh,0.00087,5.9,0.0,1.0,0.0,1.0,1,2019-01-09,1.0,2018-12-07,,,1.0,"The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-295'],"['cpe:2.3:o:ricoh:d2200_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d2200:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d5520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d6510_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d6510:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d7500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d7500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d8400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:d8400_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:d8400:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17001,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-21,0.0,,0.0,,,"On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:sp_4510sf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_4510sf:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17002,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-21,0.0,,0.0,,,"On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_2001sp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2001sp:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17309,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_c406zspf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c406z:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17310,Ricoh,0.00137,6.1,1.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_c1803_jpn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c1803_jpn:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17311,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_c6503_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c6503:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17312,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:aficio_mp_301spf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:aficio_mp_301spf:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17314,Ricoh,0.00085,6.1,0.0,1.0,0.0,0.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_305\\+_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_305\\+:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17315,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_c2003sp_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c2003:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17316,Ricoh,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-09-26,0.0,,0.0,,,"On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_c6003_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_c6003:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11844,Ricoh,0.0007,6.1,0.0,1.0,0.0,1.0,1,2019-05-14,0.0,,0.0,,,An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:sp_4520dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_4520dn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11845,Ricoh,0.0009,6.1,0.0,1.0,0.0,1.0,1,2019-05-14,0.0,,0.0,,,An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:h:ricoh:sp_4510dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_4510dn_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14299,Ricoh,0.00244,9.8,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,"Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-307'],"['cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:1.05:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14300,Ricoh,0.00653,9.8,0.0,1.0,0.0,1.0,1,2019-08-26,1.0,2020-02-25,,,0.0,"Several Ricoh printers have multiple buffer overflows parsing HTTP cookie headers, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-14301,Ricoh,0.00147,7.5,0.0,1.0,0.0,1.0,1,2020-01-10,1.0,2020-02-25,,,0.0,Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-200'],"['cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fwb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fwb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c300w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c300w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c301w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c301w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sfn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sfn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014ad_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014ad:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2701_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2701:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277snwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277snwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277sfnwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277sfnwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp277nwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp277nwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfnw_\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfnw_\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212suw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213snw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213snw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213suw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfnw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfnw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213nw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213nw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14303,Ricoh,0.00116,7.5,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that lead to a denial of service vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:1.05:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14304,Ricoh,0.00074,8.8,0.0,1.0,0.0,1.0,1,2020-01-10,1.0,2020-02-25,,,0.0,Ricoh SP C250DN 1.06 devices allow CSRF.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fwb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fwb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c300w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c300w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c301w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c301w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sfn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sfn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262dnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:mp_2014ad_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_2014ad:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2701_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2701:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277snwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277snwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277sfnwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277sfnwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp277nwx_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp277nwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfnw_\\(china\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfnw_\\(china\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212suw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213snw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213snw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213snw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213suw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfnw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfnw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfnw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213nw_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213nw_\\(taiwan\\)_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213nw_\\(taiwan\\):-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14308,Ricoh,0.00653,9.8,0.0,1.0,0.0,1.0,1,2019-08-26,1.0,2020-02-25,,,0.0,"Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14309,Ricoh,0.00178,7.5,0.0,1.0,0.0,1.0,1,2020-03-13,0.0,,0.0,,,Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-798'],"['cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:1.05:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18203,Ricoh,0.00087,6.1,0.0,1.0,0.0,1.0,1,2019-10-21,0.0,,0.0,,,"On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:ricoh:mp_501_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:mp_501:-:*:*:*:*:*:*:*']",0,0
CVE-2019-19363,Ricoh,0.0007,7.8,1.0,0.0,1.0,0.0,1,2020-01-24,1.0,2020-02-25,,,0.0,An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:a:ricoh:generic_pcl5_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:pc_fax_generic_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:pcl6_\\(pcl_xl\\)_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:pcl6_driver_for_universal_print:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:postscript3_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:ps_driver_for_universal_print:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:rpcs_driver:-:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:rpcs_raster_driver:-:*:*:*:*:*:*:*']",2,1
CVE-2021-33945,Ricoh,0.00255,9.8,0.0,1.0,0.0,1.0,1,2022-02-15,1.0,2022-07-11,,,0.0,"RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:ricoh:sp_320dn_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_320dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325dnw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_320sn_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_320sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_320sfn_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_320sfn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325snw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325sfnw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sn_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:aficio_sp_3500sf_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:aficio_sp_3500sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221s_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220snw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221snw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sf_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220sfnw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sfnw_firmware:1.06:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c2000_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c2000:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fwb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fwb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_c250fw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_c250fw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252sf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c300w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c300w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_c301w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_c301w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c260dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c260dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c262dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c262dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c261dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c261dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_c252dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_320_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_320:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_320fb_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_320fb:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_320f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_320f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2700_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2700:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:m_2701_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:m_2701:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330sfn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330sfn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710sf_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710sf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220snw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221snw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277snwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277snwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277sfnwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277sfnwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325snw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_377snwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_377snwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_377sfnwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_377sfnwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212sfw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212snw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212suw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213sfw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213sfw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213snw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213snw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213suw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213suw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_311sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_311sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_310sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_310sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_312sfnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_312sfnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_310_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_310:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:p_311_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:p_311:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_330dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_330dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_3710dn_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_3710dn:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_220nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_220nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_221nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_221nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_277nwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_277nwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_325dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_325dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_377dnwx_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_377dnwx:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_212w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_212w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213nw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213nw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_213w_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_213w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_311dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_311dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_310dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_310dnw:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ricoh:sp_312dnw_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:ricoh:sp_312dnw:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18006,Ricoh,0.00658,9.8,0.0,0.0,1.0,0.0,0,2018-12-14,0.0,,0.0,,,"Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:a:ricoh:myprint:2.2.7:*:*:*:*:android:*:*', 'cpe:2.3:a:ricoh:myprint:2.9.2.4:*:*:*:*:windows:*:*']",0,0
CVE-2019-20001,Ricoh,0.00044,7.8,0.0,0.0,1.0,0.0,0,2020-08-04,1.0,2020-07-31,,,1.0,An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:ricoh:streamline_nx_client_tool:1.4.8:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*']",0,0
CVE-2019-6021,Ricoh,0.00133,6.1,0.0,0.0,1.0,0.0,0,2019-12-26,0.0,,1.0,2019-11-13,,Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],['cpe:2.3:a:ricoh:limedio:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7751,Ricoh,0.12756,7.5,1.0,0.0,1.0,0.0,0,2019-12-31,0.0,,0.0,,,"A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:a:ricoh:fusionpro_vdp:*:*:*:*:*:*:*:*'],1,0
CVE-2018-16217,Yealink,0.00167,8.8,0.0,0.0,0.0,1.0,1,2019-05-29,0.0,,1.0,,,The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:yealink:ultra-elegant_ip_phone_sip-t41p:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yealink:ultra-elegant_ip_phone_sip-t41p_firmware:66.83.0.35:*:*:*:*:*:*:*']",0,0
CVE-2018-16218,Yealink,0.00975,8.8,0.0,0.0,0.0,1.0,1,2019-05-29,0.0,,1.0,,,A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:yealink:ultra-elegant_ip_phone_sip-t41p_firmware:66.83.0.35:*:*:*:*:*:*:*', 'cpe:2.3:h:yealink:ultra-elegant_ip_phone_sip-t41p:-:*:*:*:*:*:*:*']",0,0
CVE-2018-16221,Yealink,0.00092,8.0,0.0,0.0,0.0,1.0,1,2019-05-29,0.0,,1.0,,,"The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request).",CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-22'],"['cpe:2.3:o:yealink:ultra-elegant_ip_phone_sip-t41p_firmware:66.83.0.35:*:*:*:*:*:*:*', 'cpe:2.3:h:yealink:ultra-elegant_ip_phone_sip-t41p:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14656,Yealink,0.00165,8.8,0.0,1.0,0.0,0.0,0,2019-10-08,0.0,,0.0,,,"Yealink phones through 2019-08-04 do not properly check user roles in POST requests. Consequently, the default User account (with a password of user) can make admin requests via HTTP.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-434'],"['cpe:2.3:h:yeahlink:vp59:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:vp59_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:yeahlink:t49g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:t49g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:yeahlink:t58v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:t58v_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-14657,Yealink,0.00225,8.8,0.0,1.0,0.0,0.0,0,2019-10-08,0.0,,0.0,,,"Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file with ../../../../ allows replacement of almost any file on a phone. This leads to password replacement and arbitrary code execution as root.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-22'],"['cpe:2.3:h:yeahlink:vp59:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:vp59_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:yeahlink:t49g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:t49g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:yeahlink:t58v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:yeahlink:t58v_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-27561,Yealink,0.97474,9.8,0.0,0.0,1.0,0.0,0,2021-10-15,0.0,,1.0,2021-02-23,,"Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],['cpe:2.3:a:yealink:device_management:*:*:*:*:*:*:*:*'],0,0
CVE-2018-17587,AirTies,0.00195,6.1,1.0,0.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5750_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5750:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17588,AirTies,0.00195,6.1,1.0,0.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5021_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5021:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17589,AirTies,0.00085,6.1,0.0,1.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5650_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5650:-:*:*:*:*:*:*:*']",0,0
CVE-2018-17590,AirTies,0.00062,6.1,1.0,0.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5442_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5442:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17591,AirTies,0.00062,6.1,1.0,1.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5343v2_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5343v2:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17593,AirTies,0.00062,6.1,1.0,0.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5453_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5453:-:*:*:*:*:*:*:*']",1,0
CVE-2018-17594,AirTies,0.00061,6.1,0.0,1.0,0.0,1.0,1,2018-10-02,0.0,,0.0,,,AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:air_5443v2_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5443v2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-8738,AirTies,0.00116,6.1,1.0,1.0,0.0,1.0,1,2018-07-05,0.0,,0.0,,,Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:airties:5444_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:5444:-:*:*:*:*:*:*:*', 'cpe:2.3:o:airties:5444tt_firmware:1.0.0.18:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:5444tt:-:*:*:*:*:*:*:*']",1,0
CVE-2019-6967,AirTies,0.00458,8.8,1.0,0.0,0.0,1.0,1,2019-03-21,0.0,,0.0,,,AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:airties:air_5341_firmware:1.0.0.12:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_5341:-:*:*:*:*:*:*:*']",1,0
CVE-2022-38789,AirTies,0.00161,9.1,0.0,1.0,0.0,1.0,0,2022-09-15,0.0,,0.0,,,"An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,CRITICAL,3.9,5.2,['CWE-639'],"['cpe:2.3:o:airties:air_4920_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_4920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:airties:air_4921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_4921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:airties:air_4971_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:airties:air_4971:-:*:*:*:*:*:*:*']",0,0
CVE-2018-19242,Trendnet,0.00085,8.8,0.0,1.0,0.0,1.0,1,2018-12-20,0.0,,1.0,2018-12-05,,Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:o:trendnet:tew-632brp_firmware:1.010b32:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-632brp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-673gru_firmware:1.00b40:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-673gru:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7034,Trendnet,0.00588,7.5,0.0,1.0,0.0,1.0,1,2018-02-14,0.0,,0.0,,,"TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-287'],"['cpe:2.3:o:trendnet:tew-751dr_firmware:1.03b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-751dr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-752dru_firmware:1.03b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-752dru:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew733gr_firmware:1.03b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew733gr:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11400,Trendnet,0.00244,9.8,0.0,1.0,0.0,1.0,1,2019-12-18,0.0,,1.0,2019-12-16,,"An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices. A buffer overflow occurs through the get_set.ccp ccp_act parameter.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:trendnet:tew-651br_firmware:2.04b1:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-651br:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-652brp_firmware:3.04b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-652brp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-652bru_firmware:1.00b12:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-652bru:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11417,Trendnet,0.0025,9.8,0.0,1.0,0.0,1.0,1,2019-04-22,0.0,,1.0,2019-04-02,,"system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function. Attackers can exploit the vulnerability by using the languse parameter with a long string. This affects 1.2.2 build 28, 64, 65, and 68.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.28:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.64:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.65:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.68:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tv-ip110wn:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11418,Trendnet,0.0025,9.8,0.0,1.0,0.0,1.0,1,2019-04-22,0.0,,1.0,2019-04-02,,apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer overflow via long strings to the SOAPACTION:HNAP1 interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-119'],"['cpe:2.3:o:trendnet:tew-632brp_firmware:1.010b32:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-632brp:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13153,Trendnet,0.00114,8.8,0.0,1.0,0.0,1.0,1,2019-07-02,1.0,2019-07-01,,,1.0,An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the Private Port in Add Virtual Server.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13155,Trendnet,0.00114,8.8,0.0,1.0,0.0,1.0,1,2019-07-02,1.0,2019-07-01,,,1.0,An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi (exploitable with authentication) via the IP Address in Add Virtual Server.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13277,Trendnet,0.00149,7.5,0.0,1.0,0.0,1.0,1,2019-07-09,0.0,,0.0,,,"TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or remotely if remote administration is enabled.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*']",0,0
CVE-2020-10213,Trendnet,0.00307,8.8,0.0,1.0,0.0,1.0,1,2020-03-07,0.0,,1.0,2020-02-24,,An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dir-825_firmware:2.10:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-632brp_firmware:1.010b32:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-632brp:-:*:*:*:*:*:*:*']",0,0
CVE-2020-10216,Trendnet,0.00307,8.8,0.0,1.0,0.0,1.0,1,2020-03-07,0.0,,1.0,2020-02-24,,An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:dlink:dir-825_firmware:2.10:*:*:*:*:*:*:*', 'cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-632brp_firmware:1.010b32:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-632brp:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14074,Trendnet,0.00136,8.8,0.0,1.0,0.0,1.0,1,2020-06-15,0.0,,0.0,,,TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:-:*:*:*:*:*:*:*']",0,0
CVE-2020-14080,Trendnet,0.00539,9.8,0.0,1.0,0.0,1.0,1,2020-06-15,1.0,2020-04-23,,,1.0,TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi via the action ping_test with a sufficiently long ping_ipaddr key.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20151,Trendnet,0.00222,10.0,0.0,1.0,0.0,1.0,1,2021-12-30,0.0,,0.0,,,"Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management software manages web sessions based on IP address rather than verifying client cookies/session tokens/etc. This allows an attacker (whether from a different computer, different web browser on the same machine, etc.) to take over an existing session. This does require the attacker to be able to spoof or take over original IP address of the original user's session.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-384'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*']",0,0
CVE-2021-20155,Trendnet,0.00415,9.8,0.0,1.0,0.0,1.0,1,2021-12-30,0.0,,0.0,,,"Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to backup and restore device configurations via the management web interface. These devices are encrypted using a hardcoded password of ""12345678"".",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*']",0,0
CVE-2021-20159,Trendnet,0.00563,8.8,0.0,1.0,0.0,1.0,1,2021-12-30,0.0,,0.0,,,Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log functionality of the firmware allows for command injection as root by supplying a malformed parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*']",0,0
CVE-2021-20163,Trendnet,0.00065,4.9,0.0,1.0,0.0,1.0,1,2021-12-30,0.0,,0.0,,,Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and passwords for all ftp users are revealed in plaintext on the ftpserver.asp page.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.2,3.6,['CWE-522'],"['cpe:2.3:o:trendnet:tew-827dru_firmware:2.08b01:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-827dru:2.0:*:*:*:*:*:*:*']",0,0
CVE-2021-28844,Trendnet,0.00102,7.5,0.0,1.0,0.0,1.0,1,2021-08-10,0.0,,1.0,2021-03-02,,"Null Pointer Dereference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03 by sending the POST request to apply_cgi via a do_graph_auth action without a session_id key.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:trendnet:tew-755ap_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-755ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-755ap2kac_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-755ap2kac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-821dap2kac_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-821dap2kac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-825dap_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-825dap:-:*:*:*:*:*:*:*']",0,0
CVE-2021-28846,Trendnet,0.00065,6.5,0.0,1.0,0.0,1.0,1,2021-08-10,1.0,2021-03-02,,,1.0,"A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with ""%s: key len = %d, too long\n"" format. The two variables seem to be put in the wrong order. The vulnerability could be triggered by sending the POST request to apply_cgi with a long and unknown key in the request body.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-134'],"['cpe:2.3:o:trendnet:tew-755ap_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-755ap:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-755ap2kac_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-755ap2kac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-821dap2kac_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-821dap2kac:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-825dap_firmware:1.11b03:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-825dap:-:*:*:*:*:*:*:*']",0,0
CVE-2021-32426,Trendnet,0.00105,6.1,0.0,1.0,0.0,1.0,1,2021-06-17,0.0,,0.0,,,"In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the ""echo"" command.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:trendnet:tw100-s4w1ca_firmware:2.3.32:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tw100-s4w1ca:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33315,Trendnet,0.00226,9.8,0.0,1.0,0.0,1.0,1,2022-05-11,1.0,2021-05-24,,,1.0,"The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33316,Trendnet,0.00226,9.8,0.0,1.0,0.0,1.0,1,2022-05-11,1.0,2021-05-24,,,1.0,"The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-20'],"['cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*']",0,0
CVE-2021-33317,Trendnet,0.00088,7.5,0.0,1.0,0.0,1.0,1,2022-05-11,1.0,2021-05-24,,,1.0,"The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30325,Trendnet,0.00068,8.8,0.0,0.0,0.0,1.0,1,2022-06-16,1.0,2022-06-02,,,1.0,An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The default pre-shared key for the Wi-Fi networks is the same for every router except for the last four digits. The device default pre-shared key for both 2.4 GHz and 5 GHz networks can be guessed or brute-forced by an attacker within range of the Wi-Fi network.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-521'],"['cpe:2.3:o:trendnet:tew-831dr_firmware:1.0_601.130.1.1356:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-831dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-33007,Trendnet,0.00081,8.8,0.0,1.0,0.0,1.0,1,2022-06-27,0.0,,0.0,,,TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:o:trendnet:tew-752dru_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-752dru:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew-751dr_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-751dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-37053,Trendnet,0.00214,9.8,0.0,1.0,0.0,1.0,1,2022-08-28,0.0,,0.0,,,TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-94'],"['cpe:2.3:h:trendnet:tew733gr:-:*:*:*:*:*:*:*', 'cpe:2.3:o:trendnet:tew733gr_firmware:1.03b01:*:*:*:*:*:*:*']",0,0
CVE-2022-30326,Trendnet,0.0005,5.4,0.0,0.0,0.0,1.0,0,2022-06-16,1.0,2022-06-02,,,1.0,An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:trendnet:tew-831dr_firmware:1.0_601.130.1.1356:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-831dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30327,Trendnet,0.00069,6.5,0.0,0.0,0.0,1.0,0,2022-06-16,1.0,2022-06-02,,,1.0,An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:trendnet:tew-831dr_firmware:1.0_601.130.1.1356:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-831dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30328,Trendnet,0.00053,6.5,0.0,0.0,0.0,1.0,0,2022-06-16,1.0,2022-06-02,,,1.0,An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password setup for the web interface does not require entering the existing password. A malicious user can change the username and password of the interface.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:trendnet:tew-831dr_firmware:1.0_601.130.1.1356:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-831dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-30329,Trendnet,0.00174,9.8,0.0,0.0,0.0,1.0,0,2022-06-16,1.0,2022-06-02,,,1.0,"An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:trendnet:tew-831dr_firmware:1.0_601.130.1.1356:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tew-831dr:-:*:*:*:*:*:*:*']",0,0
CVE-2022-35203,Trendnet,0.00177,7.2,0.0,0.0,0.0,1.0,0,2022-08-23,0.0,,0.0,,,An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information.,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-287'],"['cpe:2.3:o:trendnet:tv-ip572pi_firmware:1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:trendnet:tv-ip572pi:-:*:*:*:*:*:*:*']",0,0
CVE-2018-5390,HP,0.78302,7.5,0.0,0.0,1.0,0.0,1,2018-08-06,0.0,,0.0,,,Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-400'],"['cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc1:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc2:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc3:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc4:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc5:*:*:*:*:*:*', 'cpe:2.3:o:linux:linux_kernel:4.18:rc6:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*', 'cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*', 'cpe:2.3:a:hp:aruba_airwave_amp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hp:aruba_clearpass_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hp:aruba_clearpass_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:*:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:p5:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:*:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:p11:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p8:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:*:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:p4:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:*:*:*:*:*:*:*', 'cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:p1:*:*:*:*:*:*', 'cpe:2.3:a:cisco:collaboration_meeting_rooms:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:digital_network_architecture_center:1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.10:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.10.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.10.2:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.10.3:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.10.4:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway:x8.11:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:expressway_series:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:meeting_management:1.0:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:meeting_management:1.0.1:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:network_assurance_engine:2.1\\(1a\\):*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:threat_grid-cloud:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_hybrid_data_security:-:*:*:*:*:*:*:*', 'cpe:2.3:a:cisco:webex_video_mesh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.4:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.11:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:telepresence_video_communication_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.1:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.2:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.3:*:*:*:*:*:*:*', 'cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.4:*:*:*:*:*:*:*', 'cpe:2.3:h:cisco:telepresence_conductor:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7094,HP,0.00044,5.5,0.0,0.0,0.0,1.0,1,2018-08-14,1.0,2018-09-19,,,0.0,A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-5.0.0.0-22913(GA). The vulnerability may be exploited locally to allow disclosure of privileged information.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],['cpe:2.3:o:hpe:3par_service_provider:*:*:*:*:*:*:*:*'],0,0
CVE-2018-7107,HP,0.00083,8.8,0.0,0.0,1.0,0.0,1,2018-09-27,1.0,2018-09-17,,,1.0,"A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-89'],"['cpe:2.3:a:hpe:device_entitlement_gateway:3.2.4:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:device_entitlement_gateway:3.3:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:device_entitlement_gateway:3.3.1:*:*:*:*:*:*:*']",0,0
CVE-2018-7170,HP,0.00144,5.3,0.0,0.0,1.0,0.0,1,2018-03-06,1.0,2019-10-31,,,0.0,ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.,CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,HIGH,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,1.6,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:virtual_diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*']",0,0
CVE-2018-7185,HP,0.03268,7.5,0.0,0.0,1.0,0.0,1,2018-03-06,1.0,2019-10-31,,,0.0,"The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the ""other side"" of an interleaved association causing the victim ntpd to reset its association.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*', 'cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:skynas:*:*:*:*:*:*:*:*', 'cpe:2.3:a:synology:virtual_diskstation_manager:*:*:*:*:*:*:*:*', 'cpe:2.3:o:synology:vs960hd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*', 'cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*', 'cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*', 'cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-4_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m10-4s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:oracle:fujitsu_m12-2s:-:*:*:*:*:*:*:*']",0,0
CVE-2020-24627,HP,0.00054,5.4,0.0,1.0,0.0,0.0,1,2020-10-02,1.0,2020-10-01,,,1.0,A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:hpe:kvm_ip_console_switch_g2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:kvm_ip_console_switch_g2:4x1ex32:*:*:*:*:*:*:*']",0,0
CVE-2020-24628,HP,0.00183,8.8,0.0,1.0,0.0,0.0,1,2020-10-02,1.0,2020-10-01,,,1.0,A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-94'],"['cpe:2.3:o:hpe:kvm_ip_console_switch_g2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:kvm_ip_console_switch_g2:4x1ex32:*:*:*:*:*:*:*']",0,0
CVE-2021-25141,HP,0.00042,4.4,0.0,1.0,0.0,0.0,1,2021-02-09,1.0,2021-02-02,,,1.0,A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability.,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,0.8,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:arubanetworks:aruba_5406r_zl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_5412r_zl2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_3810m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2930m_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2930f_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2920_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2540_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2530ya_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_3800_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_3800:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2620_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2620:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:8200_zl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:8200_zl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:6200_yl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:6200_yl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:3500_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:3500:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:3500_yl_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:3500_yl:-:*:*:*:*:*:*:*', 'cpe:2.3:o:arubanetworks:aruba_2530yb_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*']",0,0
CVE-2022-23702,HP,0.00044,6.7,0.0,1.0,0.0,1.0,1,2022-04-12,1.0,2022-04-04,,,1.0,"A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:hpe:superdome_flex_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:superdome_flex_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:superdome_flex_280_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:superdome_flex_280_server:-:*:*:*:*:*:*:*']",0,0
CVE-2016-4370,HP,0.00126,8.8,0.0,0.0,1.0,0.0,0,2016-06-09,0.0,,0.0,,,HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:hpe:project_and_portfolio_management_center:9.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:project_and_portfolio_management_center:9.21:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:project_and_portfolio_management_center:9.22:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:project_and_portfolio_management_center:9.30:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:project_and_portfolio_management_center:9.31:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:project_and_portfolio_management_center:9.32:*:*:*:*:*:*:*']",0,0
CVE-2016-7434,HP,0.96455,7.5,1.0,0.0,1.0,0.0,0,2017-01-13,1.0,2017-03-09,,,0.0,The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p100:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p101:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p102:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p103:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p104:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p105:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p106:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p107:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p108:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p109:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p110:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p111:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p112:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p113:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p114:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p115:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p116:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p117:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p118:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p119:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p120:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p121:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p122:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p123:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p124:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p125:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p126:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p127:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p128:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p129:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p130:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p131:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p132:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p133:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p134:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p135:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p136:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p137:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p138:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p139:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p140:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p141:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p142:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p143:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p144:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p145:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p146:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p147:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p148:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p149:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p150:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p151:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p152:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p153:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p154:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p155:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p156:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p157:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p158:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p159:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p160:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p161:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p162:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p163:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p164:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p165:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p166:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p170:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p171:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p172:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p173:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p174:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p175:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p176:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p177:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p178:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p179:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p180:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p181:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p182:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p183:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p184:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p185:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p186:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p187:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p188:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p189:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p190:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p191:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p192:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p193:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p194:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p195:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p196:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p197:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p198:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p199:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p200:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p201:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p202:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p203:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p204:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p205:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p206:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p207:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p208:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p209:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p210:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p211:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p212:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p213:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p214:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p215:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p216:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p217:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p218:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p219:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p22:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p220:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p221:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p222:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p223:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p224:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p225:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p226:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p227:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p228:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p229:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p23:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p230:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p231:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p232:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p233:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p234:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p235:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p236:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p237:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p238:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p239:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p24:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p240:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p241:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p242:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p243:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p244:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p245:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p246:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p247:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p248:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p249:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p250:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p251:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p252:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p253:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p254:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p255:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p256:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p257:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p258:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p259:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p26:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p260:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p261:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p262:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p263:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p264:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p265:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p266:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p267:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p268:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p269:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p27:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p270:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p271:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p272:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p273:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p274:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p275:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p276:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p277:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p278:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p279:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p28:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p280:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p281:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p282:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p283:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p284:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p285:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p286:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p287:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p288:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p289:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p29:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p290:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p291:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p292:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p293:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p294:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p295:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p296:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p297:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p298:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p299:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p30:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p300:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p301:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p302:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p303:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p304:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p305:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p306:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p307:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p308:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p309:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p31:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p310:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p311:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p312:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p313:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p314:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p315:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p316:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p317:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p318:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p319:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p32:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p320:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p321:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p322:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p323:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p324:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p325:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p326:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p327:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p328:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p329:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p33:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p330:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p331:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p332:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p333:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p334:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p335:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p336:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p337:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p338:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p339:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p34:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p340:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p341:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p342:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p343:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p344:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p345:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p346:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p347:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p348:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p349:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p35:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p350:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p351:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p352:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p353:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p354:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p355:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p356:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p357:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p358:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p359:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p36:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p360:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p361:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p362:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p363:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p364:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p365:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p366:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p367:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p368:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p369:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p37:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p370:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p371:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p372:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p373:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p374:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p375:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p376:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p377:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p378:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p379:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p38:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p380:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p381:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p382:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p383:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p384:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p385:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p386:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p387:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p388:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p389:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p39:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p390:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p391:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p392:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p393:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p394:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p395:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p396:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p397:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p398:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p399:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p40:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p400:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p401:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p402:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p403:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p404:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p405:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p406:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p407:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p408:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p409:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p41:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p410:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p411:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p412:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p413:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p414:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p415:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p416:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p417:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p418:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p419:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p42:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p420:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p421:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p422:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p423:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p424:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p425:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p426:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p427:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p428:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p429:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p43:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p430:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p431:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p432:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p433:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p434:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p435:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p436:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p437:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p438:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p439:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p44:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p440:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p441:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p442:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p443:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p444:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p445:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p446:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p447:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p448:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p449:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p45:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p450:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p451:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p452:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p453:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p454:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p455:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p456:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p457:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p458:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p459:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p46:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p460:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p461:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p462:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p463:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p464:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p465:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p466:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p467:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p468:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p469:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p47:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p470:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p471:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p472:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p473:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p474:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p475:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p476:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p477:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p478:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p479:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p48:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p480:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p481:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p482:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p483:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p484_rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p485_rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p486_rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p49:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p50:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p51:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p52:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p53:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p54:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p55:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p56:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p57:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p58:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p59:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p60:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p61:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p62:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p63:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p64:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p65:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p66:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p67:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p68:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p69:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p70:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p71:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p72:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p73:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p74:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p75:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p76:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p77:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p78:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p79:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p8:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p80:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p81:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p82:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p83:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p84:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p85:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p86:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p87:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p88:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p89:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p9:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p90:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p91:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p92:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p93:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p94:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p95:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p96:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p97:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p98:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.7:p99:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*']",1,1
CVE-2016-9042,HP,0.01865,5.9,0.0,0.0,1.0,0.0,0,2018-06-04,1.0,2019-10-31,,,0.0,An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.2,3.6,['CWE-20'],"['cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*', 'cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*']",0,0
CVE-2017-6458,HP,0.00494,8.8,0.0,0.0,1.0,0.0,0,2017-03-27,1.0,2019-10-31,,,0.0,Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-119'],"['cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*', 'cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7108,HP,0.0012,5.9,0.0,0.0,1.0,0.0,0,2018-09-27,1.0,2018-09-20,,,1.0,HPE StorageWorks XP7 Automation Director (AutoDir) version 8.5.2-02 to earlier than 8.6.1-00 has a local and remote authentication bypass vulnerability that exposed the user authentication information of the storage system. This problem sometimes occurred under specific conditions when running a service template.,CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-287'],['cpe:2.3:a:hpe:storageworks_xp7_automation_director:*:*:*:*:*:*:*:*'],0,0
CVE-2018-7110,HP,0.00168,5.9,0.0,0.0,1.0,0.0,0,2018-10-17,1.0,2018-09-26,,,1.0,"A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,['CWE-362'],"['cpe:2.3:a:hpe:service_governance_framework:4.2:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:service_governance_framework:4.3:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*', 'cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*']",0,0
CVE-2019-11136,HP,0.00044,6.7,0.0,1.0,0.0,1.0,0,2019-11-14,1.0,2019-11-20,,,0.0,"Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8274_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8284_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8170_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8180_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6136_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6152_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6128_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5118_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6134_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5115_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6154_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6132_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6142f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6146_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6144_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4116_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4109t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4114_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4112_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4108_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8894_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3336_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3708_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3808_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3858_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3830_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3955_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3958_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2738_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2738:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2718_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2718:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2358_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2358:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2730_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2516_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2516:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2316_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2316:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen10_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl270d_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230k_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_e910_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_660_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl660c_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen9_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl80_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl60_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl730f_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl250a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_680_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_620_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml150_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ws460c_gen9_graphics_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11137,HP,0.00044,8.2,0.0,1.0,0.0,1.0,0,2019-11-14,1.0,2019-11-20,,,0.0,"Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,CHANGED,HIGH,HIGH,HIGH,HIGH,1.5,6.0,['CWE-20'],"['cpe:2.3:o:intel:xeon_platinum_8253_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8256_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8276l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8280_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8260y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8268_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8270_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8274_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8274:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8284_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8284:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_9282_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8153_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8153:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8156_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8156:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8158_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8158:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8164_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8164:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8168_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8168:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8170_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8170:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8180_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8180:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8160f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8160f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_platinum_8176f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_platinum_8176f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6210u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6244_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6212u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6230_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5222_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6248_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6242_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5217_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6226_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6254_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218b_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6238_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6240m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6240m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6222v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6252n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6246_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5215l_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6209u_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6262v_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5122_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5122:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6136_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6136:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6150_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6150:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6152_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6152:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6128_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6128:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5118_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5118:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6134_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6134:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5120_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5120:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_5115_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_5115:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6154_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6154:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6140m_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6140m:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6132_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6132:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6142f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6142f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6138f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6138f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6130f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6130f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6126f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6126f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6148f_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6148f:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6146_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6146:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_gold_6144_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_gold_6144:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4209t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4210_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4214y_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4215_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4208_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4216_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4116_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4116:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4109t_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4109t:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4114_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4114:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4112_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4112:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4108_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4108:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_silver_4110_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_silver_4110:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3204_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3106_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_bronze_3104_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1602_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1602:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1653n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1653n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1622_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1622:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1623n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1623n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1627_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1627:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1637_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1637:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1633n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1633n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1649n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1649n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1533n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1533n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1513n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1513n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1543n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1543n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1523n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1523n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1553n_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1553n:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1539_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1539:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1529_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1529:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1559_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1559:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1557_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1557:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1567_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1567:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1577_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1577:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1571_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1571:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1528_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1528:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1541_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1541:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1521_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1521:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1531_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1531:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1548_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1548:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1527_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1527:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1537_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1537:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1520_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1520:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_d-1540_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_d-1540:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4627_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4627_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4610_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4610_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4669_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4669_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4655_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4655_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-4650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-4650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-1650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-1650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2687w_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2687w_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2695_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2695_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2690_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2690_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2699_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2699_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2658_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2658_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2698_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2698_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2660_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2660_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2680_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2680_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2683_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2683_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2628l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2628l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2650_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2650_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2697a_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2697a_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2648l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2648l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2620_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2620_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2608l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2608l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2667_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2667_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2643_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2643_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2623_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2623_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2609_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2609_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2630_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2630_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2618l_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2618l_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2637_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2637_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2603_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2603_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e5-2640_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e5-2640_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8894_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8894_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8893_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8893_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8891_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8891_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8890_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8890_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8880_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8880_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8870_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8870_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8867_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8867_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-8860_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-8860_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4850_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4850_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4830_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4830_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4820_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4820_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:xeon_e7-4809_v4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:xeon_e7-4809_v4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3336_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3708_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3808_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3850_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3858_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3830_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3950_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3955_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c3958_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2758_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2758:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2738_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2738:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2718_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2718:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2558_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2558:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2538_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2538:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2518_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2518:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2508_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2508:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2358_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2358:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2338_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2338:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2308_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2308:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2750_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2730_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2730:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2550_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2550:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2530_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2530:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2516_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2516:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2350_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2350:-:*:*:*:*:*:*:*', 'cpe:2.3:o:intel:atom_c2316_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:intel:atom_c2316:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen10_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl270d_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230k_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen10_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_e910_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_660_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen10_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl660c_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_bl460c_gen9_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl580_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl560_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl380_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl360_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl180_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl160_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl120_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl80_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_dl60_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl730f_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl450_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl250a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl230a_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl190r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_xl170r_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_680_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_620_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:synergy_480_gen9_compute_module_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml150_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml110_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:apollo_4200_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ml350_gen9_server_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:proliant_ws460c_gen9_graphics_server_blade_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11987,HP,0.00044,7.8,0.0,0.0,1.0,0.0,0,2019-06-05,1.0,2019-05-31,,,1.0,A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege.,CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2019-11996,HP,0.00222,9.8,0.0,1.0,0.0,1.0,0,2019-11-07,1.0,2019-11-05,,,1.0,"Potential security vulnerabilities have been identified with HPE Nimble Storage systems in multi array group configurations. The vulnerabilities could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.2.0, 4.5.5.0, 5.0.8.0 and 5.1.3.0.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:hpe:nimble_storage_af20_all_flash_array:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af20q_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af40_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af60_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af80_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_secondary_flash_arrays:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*']",0,0
CVE-2019-11998,HP,0.00044,5.5,0.0,1.0,0.0,0.0,0,2020-01-16,1.0,2020-01-29,,,0.0,"HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. This vulnerability could allow an Administrator to bypass security restrictions and access multiple remote vulnerabilities including information disclosure, or denial of service. HPE has provided firmware updates that address the above vulnerabilities for the HPE Superdome Flex Server starting with firmware version v3.20.186 (not available online) and v3.20.206 (available online). Apply v3.20.206 (4 December 2019) or a newer version to resolve this issue. Please visit HPE Support Center https://support.hpe.com/hpesc/public/home to obtain the updated firmware for your product.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-20'],"['cpe:2.3:h:hpe:superdome_flex_server:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:superdome_flex_server_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-8936,HP,0.00522,7.5,0.0,0.0,1.0,0.0,0,2019-05-15,1.0,2019-10-31,,,0.0,NTP through 4.2.8p12 has a NULL Pointer Dereference.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*', 'cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*', 'cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*', 'cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*', 'cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p11:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p12:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*', 'cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*']",0,0
CVE-2020-24623,HP,0.00236,6.5,0.0,0.0,1.0,0.0,0,2020-09-18,1.0,2020-09-14,,,1.0,A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework. The vulnerability could be remotely exploited to allow SQL injection in HPE Universal API Framework for VMware Esxi v2.5.2 and HPE Universal API Framework for Microsoft Hyper-V (VHD).,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-89'],"['cpe:2.3:a:hpe:universal_api_framework:*:*:*:*:*:microsoft_hyper-v:*:*', 'cpe:2.3:a:hpe:universal_api_framework:*:*:*:*:*:vmware_esxi:*:*']",0,0
CVE-2020-24624,HP,0.01437,7.5,0.0,0.0,1.0,0.0,0,2020-09-23,0.0,,1.0,2020-09-17,,Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],['cpe:2.3:a:hpe:utility_computing_service_meter:1.9:*:*:*:pay_per_use:*:*:*'],0,0
CVE-2020-24626,HP,0.01441,9.8,0.0,0.0,1.0,0.0,0,2020-09-23,0.0,,1.0,2020-09-17,,Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],['cpe:2.3:a:hpe:utility_computing_service_meter:1.9:*:*:*:pay_per_use:*:*:*'],0,0
CVE-2020-7136,HP,0.26248,9.8,0.0,0.0,1.0,0.0,0,2020-04-30,1.0,2020-04-29,,,1.0,A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2020-7138,HP,0.00563,8.8,0.0,1.0,0.0,1.0,0,2020-05-19,1.0,2020-05-19,,,1.0,"Potential remote code execution security vulnerabilities have been identified with HPE Nimble Storage systems that could be exploited by an attacker to gain elevated privileges on the array. The following NimbleOS versions, and all subsequent releases, contain a software fix for this vulnerability: 3.9.3.0 4.5.6.0 5.0.9.0 5.1.4.100",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af20_all_flash_array:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af20q_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af40_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af60_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_af80_all_flash_dual_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs3000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs5000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_cs7000:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_secondary_flash_arrays:-:*:*:*:*:*:*:*']",0,0
CVE-2020-7205,HP,0.00044,6.7,0.0,1.0,1.0,0.0,0,2020-07-30,1.0,2020-07-31,,,0.0,"A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmod in GRUB2 in the specific impacted HPE product and HPE is addressing this issue. HPE has made the following software updates and mitigation information to resolve the vulnerability in Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. HPE provided latest Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit which includes the GRUB2 patch to resolve this vulnerability. These new boot images will update GRUB2 and the Forbidden Signature Database (DBX). After the DBX is updated, users will not be able to boot to the older IP, SPP or Scripting ToolKit with Secure Boot enabled. HPE have provided a standalone DBX update tool to work with Microsoft Windows, and supported Linux Operating Systems. These tools can be used to update the Forbidden Signature Database (DBX) from within the OS. **Note:** This DBX update mitigates the GRUB2 issue with insmod enabled, and the ""Boot Hole"" issue for HPE signed GRUB2 applications.",CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen8_blade_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen8_blade_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl4540_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4520_chassis:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl3100_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl5200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl5800_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl388_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m510_server_cartridge:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m710x-l_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m710x_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml10_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_se2160w_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl260a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1000_storage_gen9:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_d3940_storage_module:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:intelligent_provisioning:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:intelligent_provisioning:3.31:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:intelligent_provisioning:3.40:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:service_pack_for_proliant:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:smartstart_scripting_toolkit:*:*:*:*:*:linux:*:*', 'cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_6500_gen10_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl2100_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl2200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl2600_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl2800_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl3100_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl3150_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cloudline_cl4100_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_microserver_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen9_special_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl2x260w_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:simplivity_2600_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:simplivity_325_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:simplivity_380_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1000_storage_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen10_plus_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*']",0,0
CVE-2021-25142,HP,0.00042,7.8,0.0,1.0,0.0,0.0,0,2021-02-08,1.0,2021-02-03,,,1.0,The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webstartflash function.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:h:hpe:apollo_70_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:baseboard_management_controller:*:*:*:*:*:*:*:*']",0,0
CVE-2021-25169,HP,0.00042,7.8,0.0,1.0,0.0,0.0,0,2021-02-08,1.0,2021-02-03,,,1.0,The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:o:hpe:baseboard_management_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_70_system:-:*:*:*:*:*:*:*']",0,0
CVE-2021-25172,HP,0.00044,7.8,0.0,1.0,0.0,0.0,0,2021-02-08,1.0,2021-02-03,,,1.0,The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-77'],"['cpe:2.3:o:hpe:baseboard_management_controller:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_70_system:-:*:*:*:*:*:*:*']",0,0
CVE-2021-26570,HP,0.00042,7.8,0.0,1.0,0.0,0.0,0,2021-02-08,1.0,2021-02-03,,,1.0,The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-120'],"['cpe:2.3:h:hpe:apollo_70_system:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:baseboard_management_controller:*:*:*:*:*:*:*:*']",0,0
CVE-2021-26579,HP,0.00042,5.5,0.0,0.0,1.0,0.0,0,2021-03-30,1.0,2021-03-19,,,1.0,A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM). Version 1.2103.0 of HPE Unified Data Management (UDM) removes all hard-coded cryptographic keys.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['CWE-798'],"['cpe:2.3:a:hpe:unified_data_management:1.2009.0:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:unified_data_management:1.2101.0:*:*:*:*:*:*:*']",0,0
CVE-2021-26585,HP,0.00042,5.5,0.0,0.0,1.0,0.0,0,2021-06-24,1.0,2021-06-08,,,1.0,A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Global Dashboard. The issue is resolved in 2.32.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,1.8,3.6,['NVD-CWE-noinfo'],['cpe:2.3:a:hpe:oneview_global_dashboard:2.31:*:*:*:*:*:*:*'],0,0
CVE-2021-29216,HP,0.00073,6.1,0.0,0.0,1.0,0.0,0,2022-02-24,1.0,2022-02-22,,,1.0,A remote cross-site scripting vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:hpe:oneview_global_dashboard:*:*:*:*:*:*:*:*'],0,0
CVE-2021-29217,HP,0.00113,6.1,0.0,0.0,1.0,0.0,0,2022-02-24,1.0,2022-02-22,,,1.0,A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-601'],['cpe:2.3:a:hpe:oneview_global_dashboard:*:*:*:*:*:*:*:*'],0,0
CVE-2021-3191,HP,0.00357,8.8,0.0,0.0,1.0,0.0,0,2021-02-09,1.0,2021-02-08,,,1.0,"Idelji Web ViewPoint Suite, as used in conjunction with HPE NonStop, allows Remote Unauthorized Access for T0320L01^ABY and T0320L01^ACD, T0952L01^AAR through T0952L01^AAX, and T0986L01^AAD through T0986L01^AAJ (L) and T0320H01^ABW through T0320H01^ACC, T0952H01^AAQ through T0952H01^AAW, and T0986H01^AAC through T0986H01^AAI (J and H).",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:hpe:nonstop:-:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:*:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:15.02.00:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:15.02.01:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:t0320l01\\^aby:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:web_viewpoint:t0320l01\\^acd:*:*:*:*:*:*:*']",0,0
CVE-2021-41001,HP,0.00344,8.8,0.0,1.0,0.0,1.0,0,2022-03-02,1.0,2022-02-22,,,1.0,"An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.09.xxxx: 10.09.0002 and below. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-77'],"['cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8320:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8325-32-c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8325-48y8c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8360-12c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8360-16y2c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8360-24xf2c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8360-32y4c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8360-48xt4c:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_8400x:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_cx_6200f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_cx_6300f:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_cx_6300m:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_cx_6405:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_cx_6410:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41004,HP,0.00089,7.5,0.0,1.0,0.0,1.0,0,2022-04-12,1.0,2022-04-06,,,1.0,A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:h:hpe:aruba_instant_on_1930_8g_2sfp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_8g_2sfp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_8g_class4_poe_2sfp_124w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_8g_class4_poe_2sfp_124w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_48g_class4_poe_4sfp\\/sfp\\+_370w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_48g_class4_poe_4sfp\\/sfp\\+_370w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_48g_4sfp\\/sfp\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_48g_4sfp\\/sfp\\+_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_24g_class4_poe_4sfp\\/sfp\\+_370w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_24g_class4_poe_4sfp\\/sfp\\+_370w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_24g_class4_poe_4sfp\\/sfp\\+_195w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_24g_class4_poe_4sfp\\/sfp\\+_195w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:aruba_instant_on_1930_24g_4sfp\\/sfp\\+:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:aruba_instant_on_1930_24g_4sfp\\/sfp\\+_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-23704,HP,0.00627,7.5,0.0,1.0,0.0,0.0,0,2022-05-09,1.0,2022-04-11,,,1.0,A potential security vulnerability has been identified in Integrated Lights-Out 4 (iLO 4). The vulnerability could allow remote Denial of Service. The vulnerability is resolved in Integrated Lights-Out 4 (iLO 4) 2.80 and later.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:hp:integrated_lights-out_4:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl420c_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen8_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen9_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl465c_gen8_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen8_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl660c_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl120_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl320e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl320e_gen8_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385p_gen8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl60_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl80_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ec200a_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_microserver_gen8:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml150_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml310e_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml310e_gen8_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350e_gen8_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350p_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl210t_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl230s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl250s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl270s_gen8_se_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl270s_gen8_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_sl4540_gen8_1_node_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen8_graphics_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ws460c_gen9_graphics_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl220a_gen8_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl250a_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl730f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl740f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl750f_gen9_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_480_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_620_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_660_gen9_compute_module:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:synergy_680_gen9_compute_module:-:*:*:*:*:*:*:*']",0,0
CVE-2022-25256,HP,0.00092,6.1,0.0,0.0,1.0,0.0,0,2022-02-19,1.0,2020-03-31,,,1.0,"SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfs_request_backlabel_list and saspfs_request_backurl_list. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing the button, e.g., a malicious web page. In addition, the second parameter executes JavaScript, which means XSS is possible by adding a javascript: URL.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:a:sas:web_report_studio:4.4:*:*:*:*:*:*:*', 'cpe:2.3:a:hpe:hp-ux_ipfilter:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ibm:aix:-:*:*:*:*:*:x64:*', 'cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*', 'cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*', 'cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:x64:*']",0,0
CVE-2022-28618,HP,0.00108,9.8,0.0,1.0,0.0,1.0,0,2022-05-20,1.0,2022-05-11,,,1.0,"A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays and HPE Nimble Storage Secondary Flash Arrays that could allow an attacker to execute arbitrary commands on a Nimble appliance. HPE has made the following software updates to resolve the vulnerability in HPE Nimble Storage: 5.0.10.100 or later, 5.2.1.0 or later, 6.0.0.100 or later.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-77'],"['cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:nimbleos:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_all_flash_arrays:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_hybrid_flash_arrays:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:nimble_storage_secondary_flash_arrays:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28620,HP,0.00434,9.8,0.0,1.0,0.0,1.0,0,2022-06-24,1.0,2022-06-16,,,1.0,"A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27; All Slingshot versions prior to 1.7.2; All versions of node controller firmware associated with HPE Cray EX liquid cooled blades, and all versions of chassis controller firmware associated with HPE Cray EX liquid cooled cabinets prior to 1.6.27/1.5.33/1.4.27. HPE has provided a software update to resolve this vulnerability in HPE Cray Legacy Shasta System Solutions, HPE Slingshot, and HPE Cray EX Supercomputers.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:hpe:slingshot_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:slingshot:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_ex_supercomputers_firmware:1.4.27:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_ex_supercomputers_firmware:1.5.33:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_ex_supercomputers_firmware:1.6.27:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cray_ex_supercomputers:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_air_cooled_base_system_code_firmware:1.4.27:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_air_cooled_base_system_code_firmware:1.5.33:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_air_cooled_base_system_code_firmware:1.6.27:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cray_sh_supercomputer_air_cooled_base_system_code:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_base_system_code_firmware:1.4.27:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_base_system_code_firmware:1.5.33:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_base_system_code_firmware:1.6.27:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cray_sh_supercomputer_liquid_cooled_base_system_code:-:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_tds_base_system_code_firmware:1.4.27:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_tds_base_system_code_firmware:1.5.33:*:*:*:*:*:*:*', 'cpe:2.3:o:hpe:cray_sh_supercomputer_liquid_cooled_tds_base_system_code_firmware:1.6.27:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:cray_sh_supercomputer_liquid_cooled_tds_base_system_code:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28639,HP,0.00065,8.8,0.0,1.0,0.0,0.0,0,2022-09-20,1.0,2022-09-15,,,1.0,"A remote potential adjacent denial of service (DoS) and potential adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses these security vulnerabilities.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:hpe:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_4500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_r2000_chassis:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_plus_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_6500_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_n2600_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_n2800_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_r2600_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_r2800_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920d_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920t_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:integrated_lights-out_5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl110_gen10_plus_telco_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl345_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl365_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx220n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx325_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx360_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx380_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx385_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910t_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl225n_gen10_plus_1u_node:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl420_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl645d_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl675d_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storage_file_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storage_performance_file_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1460_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1560_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_expanded_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_performance_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1860_performance_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1860_storage:-:*:*:*:*:*:*:*']",0,0
CVE-2022-28640,HP,0.00065,8.8,0.0,1.0,0.0,0.0,0,2022-09-20,1.0,2022-09-15,,,1.0,"A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 (iLO 5) in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated Lights-Out 5 (iLO 5) that addresses this security vulnerability.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:hpe:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_4500:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hp:apollo_r2000_chassis:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_2000_gen10_plus_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4200_gen10_plus_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_6500_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_n2600_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_n2800_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_r2600_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:apollo_r2800_gen10:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920d_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:edgeline_e920t_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:integrated_lights-out_5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl110_gen10_plus_telco_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl325_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl345_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl365_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx220n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx325_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx360_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx360_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx380_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx380_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx385_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx385_gen10_plus_v2_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx4200_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_dx560_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_e910t_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl225n_gen10_plus_1u_node:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl420_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl450_gen10_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl645d_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl675d_gen10_plus_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storage_file_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storage_performance_file_controller:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1460_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1560_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_expanded_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_performance_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1660_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1860_performance_storage:-:*:*:*:*:*:*:*', 'cpe:2.3:h:hpe:storeeasy_1860_storage:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6311,FoxConn,0.0007,6.8,0.0,1.0,0.0,1.0,1,2018-03-10,1.0,2018-03-09,,,1.0,"One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*', 'cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6312,FoxConn,0.00078,7.2,0.0,1.0,0.0,1.0,1,2018-03-10,1.0,2018-03-09,,,1.0,"A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-521'],"['cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*', 'cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9111,FoxConn,0.00057,5.4,0.0,1.0,0.0,1.0,1,2018-05-10,0.0,,0.0,,,Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser.,CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*', 'cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*']",0,0
CVE-2018-9112,FoxConn,0.00659,9.8,0.0,1.0,0.0,1.0,1,2018-05-10,0.0,,0.0,,,"A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:o:foxconn:ap-fc4064-t_firmware:ap_gt_b38_5.8.3lb15-w47_lte:*:*:*:*:*:*:*', 'cpe:2.3:h:foxconn:ap-fc4064-t:-:*:*:*:*:*:*:*']",0,0
CVE-2018-6402,Ecobee,0.00083,7.5,0.0,1.0,0.0,1.0,1,2020-04-14,1.0,2018-04-28,,,1.0,"Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. An attacker must be able to set up a nearby SSID, similar to an ""Evil Twin"" attack.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-327'],"['cpe:2.3:h:ecobee:ecobee4:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ecobee:ecobee4_firmware:4.2.0.171:*:*:*:*:*:*:*']",0,0
CVE-2021-27952,Ecobee,0.00576,9.8,0.0,1.0,0.0,1.0,1,2021-08-03,0.0,,0.0,,,Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-798'],"['cpe:2.3:h:ecobee:ecobee3_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ecobee:ecobee3_lite_firmware:4.5.81.200:*:*:*:*:*:*:*']",0,0
CVE-2021-27953,Ecobee,0.00212,7.5,0.0,1.0,0.0,1.0,1,2021-08-03,0.0,,0.0,,,"A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-476'],"['cpe:2.3:h:ecobee:ecobee3_lite:-:*:*:*:*:*:*:*', 'cpe:2.3:o:ecobee:ecobee3_lite_firmware:4.5.81.200:*:*:*:*:*:*:*']",0,0
CVE-2021-27954,Ecobee,0.0013,8.2,0.0,1.0,0.0,1.0,1,2021-08-03,0.0,,0.0,,,A heap-based buffer overflow vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HKProcessConfig function of the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to force the device to connect to a SSID or cause a denial of service.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,3.9,4.2,['CWE-787'],"['cpe:2.3:o:ecobee:ecobee3_lite_firmware:4.5.81.200:*:*:*:*:*:*:*', 'cpe:2.3:h:ecobee:ecobee3_lite:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7296,eq-3,0.0018,5.3,0.0,0.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-22'],"['cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7297,eq-3,0.37692,9.8,1.0,0.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*']",1,0
CVE-2018-7298,eq-3,0.00222,8.1,0.0,0.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,"In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents. An attacker with a privileged network position (which could be obtained via DNS spoofing of www.meine-homematic.de or other approaches) can exploit this issue in order to provide arbitrary malicious firmware updates to the CCU2. This can result in a full system compromise.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-319'],"['cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:2.29.22:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7299,eq-3,0.00272,8.0,0.0,0.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device.,CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2018-7300,eq-3,0.03485,9.8,1.0,1.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*']",1,0
CVE-2018-7301,eq-3,0.00222,9.8,0.0,0.0,0.0,1.0,1,2018-02-22,0.0,,0.0,,,eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:2.29.22:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14473,eq-3,0.00109,8.8,0.0,1.0,0.0,1.0,1,2019-08-06,0.0,,0.0,,,"eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. pp.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-862'],"['cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14474,eq-3,0.00095,7.5,0.0,1.0,0.0,1.0,1,2019-08-07,0.0,,0.0,,,"eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call()' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can start this attack too.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2019-14475,eq-3,0.0057,7.5,0.0,1.0,0.0,1.0,1,2019-08-05,0.0,,0.0,,,"eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the system, or modify/delete internal programs.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-862'],"['cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14984,eq-3,0.00483,8.1,0.0,1.0,0.0,1.0,1,2019-08-13,0.0,,0.0,,,"eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute TCL code from a POST request.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14985,eq-3,0.00914,9.8,0.0,1.0,0.0,1.0,1,2019-08-13,0.0,,0.0,,,"eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.35.16:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.5:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.8:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.9:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.6:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.7:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.10:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.12:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.15:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.41.11:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.43.16:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.45.5:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.45.7:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.10:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.15:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14986,eq-3,0.00434,8.1,0.0,1.0,0.0,1.0,1,2019-08-13,0.0,,0.0,,,"eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as ""Set root password"") are exposed.",CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15849,eq-3,0.00079,7.3,0.0,1.0,0.0,1.0,1,2019-10-17,1.0,2019-09-10,0.0,,1.0,"eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attacker can create session IDs and send them to the victim. After the victim logs in to the session, the attacker can use that session. The attacker could create SSH logins after a valid session and easily compromise the system.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N,NETWORK,LOW,LOW,REQUIRED,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.1,5.2,['CWE-384'],"['cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.14.11:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-15850,eq-3,0.0061,8.8,0.0,1.0,0.0,1.0,1,2019-10-17,0.0,,1.0,2019-09-10,,eQ-3 HomeMatic CCU3 firmware version 3.41.11 allows Remote Code Execution in the ReGa.runScript method. An authenticated attacker can easily execute code and compromise the system.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-862'],"['cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.41.11:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16199,eq-3,0.01292,9.8,0.0,1.0,0.0,1.0,1,2019-09-17,1.0,2019-09-12,0.0,,1.0,eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-18937,eq-3,0.01292,9.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi script, which executes TCL script content from an HTTP POST request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:a:scriptparser_project:scriptparser:1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.8:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.7:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.6:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.5:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.4:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.3:beta1:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.6:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.5:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.4:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.3:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.3:beta1:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:scriptparser_project:scriptparser:1.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*']",0,0
CVE-2019-18938,eq-3,0.01292,9.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:a:hm_email_project:hm_email:1.6.8c:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8c:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8b:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7c:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7b:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.6:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.5:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.4:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.3:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.24.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8b:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.8:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7c:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7b:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.7:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.6:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.5:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.4:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.3:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm_email_project:hm_email:1.6.0:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*']",0,0
CVE-2019-18939,eq-3,0.01292,9.8,0.0,1.0,0.0,1.0,1,2019-11-14,0.0,,0.0,,,"eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:a:hm-print_project:hm-print:1.2a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*', 'cpe:2.3:a:hm-print_project:hm-print:1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm-print_project:hm-print:1.2a:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.18:*:*:*:*:*:*:*', 'cpe:2.3:a:hm-print_project:hm-print:1.2:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.20:*:*:*:*:*:*:*']",0,0
CVE-2019-9582,eq-3,0.00098,7.5,0.0,1.0,0.0,1.0,1,2019-08-14,1.0,2019-09-12,0.0,,0.0,"eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.35.16:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.5:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.8:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.9:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.6:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.7:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.10:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.12:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.15:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9583,eq-3,0.00098,8.2,0.0,1.0,0.0,1.0,1,2019-08-14,1.0,2019-09-12,0.0,,0.0,"eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,3.9,4.2,['CWE-400'],"['cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.41.11:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.43.16:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.45.5:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.45.7:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.10:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:3.47.15:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.35.16:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.5:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.8:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.41.9:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.6:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.45.7:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.10:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.12:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:2.47.15:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9584,eq-3,0.00578,9.8,0.0,1.0,0.0,1.0,1,2019-08-14,1.0,2020-08-18,0.0,,0.0,"eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-425'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9585,eq-3,0.00819,9.8,0.0,1.0,0.0,1.0,1,2019-08-14,1.0,2019-07-26,0.0,,1.0,"eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set and deletion of Metadata.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9726,eq-3,0.03616,7.5,0.0,1.0,0.0,1.0,1,2019-05-13,0.0,,0.0,,,Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9727,eq-3,0.01011,7.5,0.0,1.0,0.0,1.0,1,2019-05-13,0.0,,0.0,,,Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12834,eq-3,0.01292,9.8,0.0,1.0,0.0,1.0,1,2020-05-15,1.0,2020-08-25,0.0,,0.0,"eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset).",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-276'],"['cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-33032,eq-3,0.03429,10.0,0.0,1.0,0.0,1.0,1,2021-07-22,1.0,2021-07-06,0.0,,1.0,A Remote Code Execution (RCE) vulnerability in the WebUI component of the eQ-3 HomeMatic CCU2 firmware up to and including version 2.57.5 and CCU3 firmware up to and including version 3.57.5 allows remote unauthenticated attackers to execute system commands as root via a simple HTTP request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,6.0,['CWE-78'],"['cpe:2.3:o:eq-3:homematic_ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:homematic_ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:homematic_ccu3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10119,eq-3,0.00244,9.8,0.0,1.0,0.0,1.0,0,2019-07-10,0.0,,0.0,,,"eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via an invalid login attempt to the RemoteApi account, aka HMCCU-154. This leads to automatic login as admin.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10120,eq-3,0.00104,8.8,0.0,1.0,0.0,1.0,0,2019-07-10,0.0,,0.0,,,"On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration (aka setAutoLogin) can be achieved by continuing to use a session ID after a logout, aka HMCCU-154.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-384'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10121,eq-3,0.006,9.8,0.0,1.0,0.0,1.0,0,2019-07-10,0.0,,0.0,,,"eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user authentication dialogue, aka HMCCU-153. This leads to automatic login as admin.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-306'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-10122,eq-3,0.01919,9.8,0.0,1.0,0.0,1.0,0,2019-07-10,0.0,,0.0,,,"eQ-3 HomeMatic CCU2 devices before 2.41.9 and CCU3 devices before 3.43.16 have buffer overflows in the ReGa ise GmbH HTTP-Server 2.0 component, aka HMCCU-179. This may lead to remote code execution.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14423,eq-3,0.01864,8.8,0.0,0.0,1.0,1.0,0,2019-10-17,1.0,2019-06-21,0.0,,1.0,A Remote Code Execution (RCE) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:a:eq-3:cux-daemon:*:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-14424,eq-3,0.00503,6.5,0.0,0.0,1.0,1.0,0,2019-10-17,1.0,2019-06-21,0.0,,1.0,A Local File Inclusion (LFI) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to read sensitive files via a simple HTTP Request.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-22'],"['cpe:2.3:a:eq-3:cux-daemon:*:*:*:*:*:*:*:*', 'cpe:2.3:o:eq-3:ccu2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:eq-3:ccu2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11001,Reolink,0.00425,7.2,0.0,1.0,0.0,1.0,1,2019-04-08,0.0,,0.0,,,"On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticated admin can use the ""TestEmail"" functionality to inject and run OS commands as root, as demonstrated by shell metacharacters in the addr1 field.",CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:o:reolink:rlc-410w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:c1_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:c1_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:c2_pro_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:c2_pro:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-422w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-422w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-511w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-511w:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25169,Reolink,0.00162,7.5,0.0,1.0,0.0,1.0,1,2021-01-26,1.0,2021-01-19,,,1.0,"The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-319'],"['cpe:2.3:o:reolink:rln8-410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rln8-410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-422_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-422:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-510a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-510a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-423s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-423s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-423_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-423:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-520a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-520a_firmware:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25173,Reolink,0.00042,7.8,0.0,1.0,0.0,1.0,1,2021-01-26,1.0,2021-01-19,,,1.0,An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['CWE-798', 'CWE-321']","['cpe:2.3:o:reolink:rln8-410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rln8-410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-422_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-422:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-510a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-510a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-423s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-423s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-423_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-423:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-410_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-520a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-520a:-:*:*:*:*:*:*:*']",0,0
CVE-2021-40415,Reolink,0.00074,6.5,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,"An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_20121102. In cgi_check_ability the Format API does not have a specific case, the user permission will default to 7. This will give non-administrative users the possibility to format the SD card and reboot the device.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,"['CWE-276', 'CWE-284']","['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44354,Reolink,0.00089,7.5,0.0,1.0,0.0,0.0,1,2022-04-14,1.0,2022-01-19,,,1.0,Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*']",0,0
CVE-2021-44363,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPush param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44368,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetNetPort param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44372,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetLocalLink param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44375,Reolink,0.00089,7.5,0.0,1.0,0.0,0.0,1,2022-04-14,1.0,2022-01-19,,,1.0,Multiple denial of service vulnerabilities exist in the cgiserver.cgi JSON command parser functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44377,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetImage param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44379,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetAutoMaint param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44384,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. SetPtzTattern param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44389,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAbility param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44393,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetIsp param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44396,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Preview param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44400,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetPtzPatrol param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44401,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. PtzCtrl param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44409,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. TestWifi param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2021-44413,Reolink,0.00084,7.7,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. AddUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,NETWORK,LOW,LOW,NONE,CHANGED,NONE,NONE,HIGH,HIGH,3.1,4.0,['CWE-20'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21134,Reolink,0.00257,7.5,0.0,1.0,0.0,0.0,1,2022-01-28,0.0,,0.0,,,A firmware update vulnerability exists in the &quot;update&quot; firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-347'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21199,Reolink,0.00162,5.9,0.0,1.0,0.0,0.0,1,2022-01-28,0.0,,0.0,,,An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.2,3.6,"['CWE-798', 'CWE-321']","['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21217,Reolink,0.00265,9.8,0.0,1.0,0.0,0.0,1,2022-01-28,0.0,,0.0,,,An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-457']","['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21236,Reolink,0.00653,7.5,0.0,1.0,0.0,0.0,1,2022-01-28,1.0,2022-01-19,,,1.0,An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-552', 'CWE-219']","['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21796,Reolink,0.00078,8.2,0.0,1.0,0.0,0.0,1,2022-01-28,0.0,,0.0,,,A memory corruption vulnerability exists in the netserver parse_command_list functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,HIGH,HIGH,3.9,4.2,"['CWE-787', 'CWE-20']","['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21801,Reolink,0.00129,7.5,0.0,1.0,0.0,0.0,1,2022-01-28,0.0,,0.0,,,A denial of service vulnerability exists in the netserver recv_command functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to a reboot. An attacker can send a malicious packet to trigger this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-190'],"['cpe:2.3:o:reolink:rlc-410w_firmware:3.0.0.136_20121102:*:*:*:*:*:*:*', 'cpe:2.3:h:reolink:rlc-410w:-:*:*:*:*:*:*:*']",0,0
CVE-2019-11064,GeoVision,0.00457,9.8,0.0,1.0,0.0,1.0,1,2019-08-29,0.0,,0.0,,,A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-287', 'CWE-200']","['cpe:2.3:o:androvideo:vd_1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:androvideo:vd_1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vr360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vr360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vd8700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vd8700:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13407,GeoVision,0.00085,6.1,0.0,1.0,0.0,1.0,1,2019-08-29,0.0,,0.0,,,A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],"['cpe:2.3:o:androvideo:vd_1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:androvideo:vd_1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vr360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vr360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vd8700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vd8700:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13408,GeoVision,0.00365,7.5,0.0,1.0,0.0,1.0,1,2019-08-29,0.0,,0.0,,,"A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,"['CWE-22', 'CWE-23']","['cpe:2.3:o:androvideo:vd_1_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:androvideo:vd_1:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vr360_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vr360:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-vd8700_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-vd8700:-:*:*:*:*:*:*:*']",0,0
CVE-2020-3930,GeoVision,0.00044,3.3,0.0,1.0,0.0,1.0,1,2020-06-12,1.0,2020-06-12,,,1.0,"GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,LOCAL,LOW,LOW,NONE,UNCHANGED,LOW,NONE,NONE,LOW,1.8,1.4,['CWE-532'],"['cpe:2.3:o:geovision:gv-gf192x_firmware:1.10:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-gf192x:-:*:*:*:*:*:*:*']",0,0
CVE-2020-3931,GeoVision,0.00448,9.8,0.0,1.0,0.0,1.0,0,2020-07-08,1.0,2020-07-08,,,1.0,"Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-120'],"['cpe:2.3:o:geovision:gv-as210_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-as210:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-as410_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-as410:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-as810_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-as810:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-gf1921_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-gf1921:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-as1010_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-as1010:-:*:*:*:*:*:*:*', 'cpe:2.3:o:geovision:gv-gf1922_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:geovision:gv-gf1922:-:*:*:*:*:*:*:*']",0,0
CVE-2019-13379,AV Tech Corp,0.01289,8.8,0.0,1.0,0.0,0.0,1,2019-07-07,1.0,2019-05-23,,,1.0,"On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.",CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-668'],"['cpe:2.3:o:avtech:room_alert_3e_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:avtech:room_alert_3e:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16241,TCL,0.001,6.8,0.0,1.0,0.0,1.0,1,2019-11-26,0.0,,0.0,,,"On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. This file would typically be created via Android Debug Bridge (adb) over USB.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-668'],"['cpe:2.3:o:alcatelmobile:cingular_flip_2_firmware:b9huah1:*:*:*:*:*:*:*', 'cpe:2.3:h:alcatelmobile:cingularl_flip_2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16242,TCL,0.00284,6.8,0.0,1.0,0.0,1.0,1,2019-11-26,0.0,,0.0,,,"On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:alcatelmobile:cingular_flip_2_firmware:b9huah1:*:*:*:*:*:*:*', 'cpe:2.3:h:alcatelmobile:cingular_flip_2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-16243,TCL,0.00076,6.1,0.0,1.0,0.0,1.0,1,2019-11-26,0.0,,0.0,,,"On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocumented web API that allows unprivileged JavaScript, including JavaScript running within the KaiOS browser, to view and edit the device's firmware over-the-air update settings. (This web API is normally used by the system application to trigger firmware updates via OmaService.js.)",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-306'],"['cpe:2.3:o:alcatelmobile:cingular_flip_2_firmware:b9huah1:*:*:*:*:*:*:*', 'cpe:2.3:h:alcatelmobile:cingular_flip_2:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7163,TCL,0.00434,9.8,0.0,1.0,0.0,1.0,1,2019-08-02,0.0,,0.0,,,The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 devices is vulnerable to an authentication bypass that allows an unauthenticated user to have access to the web interface without knowing the administrator's password.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:tcl:alcatel_linkzone_firmware:mw40-v-v1.0_mw40_lu_02.00_02:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:alcatel_linkzone:-:*:*:*:*:*:*:*']",0,0
CVE-2016-9796,TCL,0.07222,9.8,1.0,0.0,1.0,0.0,0,2016-12-03,0.0,,1.0,2016-10-29,,"Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run arbitrary commands on the server, with the privilege of NT AUTHORITY\SYSTEM on the server. NOTE: The discoverer states ""The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the OmniVista server.""",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-264'],"['cpe:2.3:a:alcatel-lucent:omnivista_8770_network_management_system:2.0:*:*:*:*:*:*:*', 'cpe:2.3:a:alcatel-lucent:omnivista_8770_network_management_system:2.6:*:*:*:*:*:*:*', 'cpe:2.3:a:alcatel-lucent:omnivista_8770_network_management_system:3.0:*:*:*:*:*:*:*']",1,1
CVE-2020-27403,TCL,0.00175,6.5,0.0,1.0,0.0,1.0,0,2020-11-10,1.0,2020-10-30,,,1.0,"A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows an attacker on the adjacent network to arbitrarily browse and download sensitive files over an insecure web server running on port 7989 that lists all files & directories. An unprivileged remote attacker on the adjacent network, can download most system files, leading to serious critical information disclosure. Also, some TV models and/or FW versions may expose the webserver with the entire filesystem accessible on another port. For example, nmap scan for all ports run directly from the TV model U43P6046 (Android 8.0) showed port 7983 not mentioned in the original CVE description, but containing the same directory listing of the entire filesystem. This webserver is bound (at least) to localhost interface and accessible freely to all unprivileged installed apps on the Android such as a regular web browser. Any app can therefore read any files of any other apps including Android system settings including sensitive data such as saved passwords, private keys etc.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-200'],"['cpe:2.3:o:tcl:32s330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:32s330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:40s330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:40s330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:43s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:43s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:50s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:50s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:55s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:55s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:65s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:65s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:75s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:75s434:-:*:*:*:*:*:*:*']",0,0
CVE-2020-28055,TCL,0.00125,7.8,0.0,1.0,0.0,1.0,0,2020-11-10,1.0,2020-10-30,,,1.0,"A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and /var/TerminalManager directories within the TV file system. An attacker, such as a malicious APK or local unprivileged user could perform fake system upgrades by writing to the /data/vendor/upgrage folder.",CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-732'],"['cpe:2.3:h:tcl:32s330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:32s330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:40s330:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:40s330_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:43s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:43s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:50s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:50s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:55s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:55s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:65s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:65s434_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:tcl:75s434:-:*:*:*:*:*:*:*', 'cpe:2.3:o:tcl:75s434_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-35331,TCL,0.00413,7.8,0.0,0.0,1.0,0.0,0,2021-07-05,1.0,2021-06-22,,,1.0,"In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding",CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,LOCAL,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,['CWE-134'],['cpe:2.3:a:tcl:tcl:8.6.11:*:*:*:*:*:*:*'],0,0
CVE-2019-6113,ONKYO,0.00801,7.5,0.0,0.0,0.0,1.0,1,2019-08-30,0.0,,0.0,,,Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:h:onkyo:tx-nr686:-:*:*:*:*:*:*:*', 'cpe:2.3:o:onkyo:tx-nr686_firmware:1030-5000-1040-0010:*:*:*:*:*:*:*']",0,0
CVE-2020-12447,ONKYO,0.02897,7.5,0.0,0.0,0.0,1.0,0,2020-04-29,0.0,,0.0,,,"A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal, as demonstrated by reading /etc/shadow.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-22'],"['cpe:2.3:o:onkyo:tx-nr585_firmware:1000-0000-000-0008-0000:*:*:*:*:*:*:*', 'cpe:2.3:h:onkyo:tx-nr585:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7676,Enphase,0.00241,7.2,0.0,0.0,1.0,0.0,1,2019-02-09,0.0,,0.0,,,A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account.,CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-521'],['cpe:2.3:a:enphase:envoy:*:*:*:*:*:*:*:*'],0,0
CVE-2020-25752,Enphase,0.00179,5.3,0.0,1.0,0.0,1.0,1,2021-06-16,0.0,,0.0,,,An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel login passwords for the installer and Enphase accounts. The passwords for these accounts are hardcoded values derived from the MD5 hash of the username and serial number mixed with some static strings. The serial number can be retrieved by an unauthenticated user at /info.xml. These passwords can be easily calculated by an attacker; users are unable to change these passwords.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-798'],"['cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*', 'cpe:2.3:o:enphase:envoy_firmware:d4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:enphase:envoy_firmware:r3.0:*:*:*:*:*:*:*']",0,0
CVE-2020-25753,Enphase,0.01301,9.8,0.0,1.0,0.0,1.0,1,2021-06-16,0.0,,0.0,,,An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:o:enphase:envoy_firmware:d4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:enphase:envoy_firmware:r3.0:*:*:*:*:*:*:*', 'cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*']",0,0
CVE-2019-7677,Enphase,0.00144,6.1,0.0,0.0,1.0,0.0,0,2019-02-09,0.0,,0.0,,,XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:enphase:envoy:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7678,Enphase,0.00242,9.8,0.0,0.0,1.0,0.0,0,2019-02-09,0.0,,0.0,,,"A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-22'],['cpe:2.3:a:enphase:envoy:*:*:*:*:*:*:*:*'],0,0
CVE-2020-25754,Enphase,0.00296,7.5,0.0,1.0,0.0,1.0,0,2021-06-16,0.0,,0.0,,,An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user authentication that circumvents traditional user authentication. This module uses a password derived from the MD5 hash of the username and serial number. The serial number can be retrieved by an unauthenticated user at /info.xml. Attempts to change the user password via passwd or other tools have no effect.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,HIGH,3.9,3.6,['CWE-916'],"['cpe:2.3:o:enphase:envoy_firmware:d4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:enphase:envoy_firmware:r3.0:*:*:*:*:*:*:*', 'cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*']",0,0
CVE-2020-25755,Enphase,0.02042,8.8,0.0,1.0,0.0,1.0,0,2021-06-16,0.0,,0.0,,,An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The upgrade_start function in /installer/upgrade_start allows remote authenticated users to execute arbitrary commands via the force parameter.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:enphase:envoy_firmware:d4.0:*:*:*:*:*:*:*', 'cpe:2.3:o:enphase:envoy_firmware:r3.0:*:*:*:*:*:*:*', 'cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*']",0,0
CVE-2019-9564,WyzeCam,0.00115,9.8,0.0,1.0,0.0,1.0,1,2022-03-30,1.0,2022-03-29,,,1.0,"A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-287'],"['cpe:2.3:o:wyze:cam_pan_v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:wyze:cam_pan_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:wyze:cam_v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:wyze:cam_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:wyze:cam_v3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*']",0,0
CVE-2019-12266,WyzeCam,0.00284,9.8,0.0,1.0,0.0,1.0,0,2022-03-30,1.0,2022-03-29,,,1.0,"Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-787', 'CWE-121']","['cpe:2.3:h:wyze:cam_pan_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:wyze:cam_pan_v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:wyze:cam_v2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:wyze:cam_v2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:wyze:cam_v3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:wyze:cam_v3_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2020-8824,Hitron,0.00058,5.4,0.0,1.0,0.0,1.0,1,2020-02-19,0.0,,0.0,,,Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name on the Wireless > Access Control > Add Managed Device screen.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:hitrontech:coda-4582u_firmware:7.1.1.30:*:*:*:*:*:*:*', 'cpe:2.3:h:hitrontech:coda-4582u:-:*:*:*:*:*:*:*']",0,0
CVE-2022-25017,Hitron,0.00277,8.8,0.0,1.0,0.0,1.0,0,2022-04-01,0.0,,0.0,,,Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS ddnsUsername field.,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:o:hitrontech:chita_firmware:7.2.2.0.3b6-cd:*:*:*:*:*:*:*', 'cpe:2.3:h:hitrontech:chita:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20643,ELECOM,0.0018,7.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['NVD-CWE-Other'],"['cpe:2.3:o:elecom:ld-ps\\/u1_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:ld-ps\\/u1:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20644,ELECOM,0.00084,6.1,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-74'],"['cpe:2.3:o:elecom:wrc-1467ghbk-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1467ghbk-a:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20645,ELECOM,0.00066,5.4,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:elecom:wrc-300febk-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-a:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20646,ELECOM,0.00077,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:elecom:wrc-300febk-a_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-a:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20647,ELECOM,0.00077,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:elecom:wrc-300febk-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20648,ELECOM,0.00044,6.8,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:elecom:wrc-300febk-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20649,ELECOM,0.00065,4.8,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"ELECOM WRC-300FEBK-S contains an improper certificate validation vulnerability. Via a man-in-the-middle attack, an attacker may alter the communication response. As a result, an arbitrary OS command may be executed on the affected device.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,NETWORK,HIGH,NONE,NONE,UNCHANGED,LOW,LOW,NONE,MEDIUM,2.2,2.5,['CWE-295'],"['cpe:2.3:o:elecom:wrc-300febk-s_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20650,ELECOM,0.00077,6.5,0.0,1.0,0.0,1.0,1,2021-02-12,0.0,,1.0,2021-01-26,,"Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-352'],"['cpe:2.3:o:elecom:ncc-ewf100rmwh2_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:ncc-ewf100rmwh2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20852,ELECOM,0.00044,6.8,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute an arbitrary OS command via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-120'],"['cpe:2.3:h:elecom:wrh-733gbk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gbk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gwh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gwh_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-20853,ELECOM,0.00044,6.8,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:elecom:wrh-733gbk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gbk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gwh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gwh:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20854,ELECOM,0.00044,6.8,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a network-adjacent attacker with an administrator privilege to execute arbitrary OS commands via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-78'],"['cpe:2.3:o:elecom:wrh-733gbk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gbk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gwh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gwh:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20855,ELECOM,0.00066,5.4,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:elecom:wrh-733gbk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gbk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gwh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gwh:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20856,ELECOM,0.00066,5.4,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and prior) allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:elecom:wrh-733gbk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gbk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-733gwh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-733gwh:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20857,ELECOM,0.00066,5.4,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-20858,ELECOM,0.00066,5.4,0.0,1.0,0.0,0.0,1,2021-12-01,1.0,2021-11-30,,,1.0,Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],"['cpe:2.3:o:elecom:wrc-2533ghbk-i_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533ghbk-i:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20860,ELECOM,0.00086,8.8,0.0,1.0,0.0,1.0,1,2021-12-01,1.0,2021-11-30,,,1.0,"Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a remote authenticated attacker to hijack the authentication of an administrator via a specially crafted page.",CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-352'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20861,ELECOM,0.00077,8.8,0.0,1.0,0.0,1.0,1,2021-12-01,0.0,,1.0,2021-01-26,,"Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20863,ELECOM,0.00044,8.0,0.0,1.0,0.0,1.0,1,2021-12-01,1.0,2021-11-30,,,1.0,"OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attackers to execute an arbitrary OS command with the root privilege via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2020-5634,ELECOM,0.00077,8.8,0.0,1.0,0.0,1.0,0,2020-10-06,1.0,2020-10-05,,,1.0,"ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2021-20651,ELECOM,0.00271,9.1,0.0,0.0,1.0,0.0,0,2021-02-12,0.0,,1.0,2021-01-26,,Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,HIGH,CRITICAL,3.9,5.2,['CWE-22'],['cpe:2.3:a:elecom:file_manager:*:*:*:*:*:*:*:*'],0,0
CVE-2021-20738,ELECOM,0.00074,6.5,0.0,1.0,0.0,0.0,0,2021-07-07,0.0,,1.0,2021-07-06,,"WRC-1167FS-W, WRC-1167FS-B, and WRC-1167FSA all versions allow an unauthenticated network-adjacent attacker to obtain sensitive information via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:elecom:wrc-1167fs-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167fs-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167fs-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167fs-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167fsa_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167fsa:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20739,ELECOM,0.00078,8.8,0.0,1.0,0.0,0.0,0,2021-07-07,0.0,,1.0,2021-07-06,,"WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH-H300BK, WRH-300BK-S, and WRH-300WH-S all versions allows an unauthenticated network-adjacent attacker to execute an arbitrary OS command via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-78'],"['cpe:2.3:h:elecom:wrc-300febk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-300febk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-f300nf:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-f300nf_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-733febk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-733febk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300rd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300rd_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300sv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300sv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300wh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300wh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-h300wh:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-h300wh_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-h300bk_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-h300bk:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300bk-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300bk-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300wh-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300wh-s:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20859,ELECOM,0.00044,8.0,0.0,1.0,0.0,1.0,0,2021-12-01,1.0,2021-11-30,,,1.0,"ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to execute an arbitrary OS command via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.1,5.9,['CWE-78'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20862,ELECOM,0.00063,4.3,0.0,1.0,0.0,1.0,0,2021-12-01,1.0,2021-11-30,,,1.0,"Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent unauthenticated attacker to bypass access restriction, and to obtain anti-CSRF tokens and change the product's settings via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,LOW,NONE,MEDIUM,2.8,1.4,['NVD-CWE-Other'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-20864,ELECOM,0.00077,8.8,0.0,1.0,0.0,1.0,0,2021-12-01,1.0,2021-11-30,,,1.0,"Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent unauthenticated attacker to bypass access restriction, and to start the telnet service and execute an arbitrary OS command via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2022-21173,ELECOM,0.00068,8.8,0.0,1.0,0.0,0.0,0,2022-02-08,1.0,2022-02-08,,,1.0,"Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05 and earlier, WRH-300WH3 firmware v1.05 and earlier, WRH-300BK3-S firmware v1.05 and earlier, WRH-300DR3-S firmware v1.05 and earlier, WRH-300LB3-S firmware v1.05 and earlier, WRH-300PN3-S firmware v1.05 and earlier, WRH-300WH3-S firmware v1.05 and earlier, and WRH-300YG3-S firmware v1.05 and earlier) allows an attacker on the adjacent network to execute an arbitrary OS command via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:h:elecom:wrh-300bk3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300bk3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300wh3:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300wh3_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300bk3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300bk3-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300wh3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300wh3-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300lb3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300lb3-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300pn3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300pn3-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300yg3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300yg3-s_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrh-300dr3-s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrh-300dr3-s_firmware:*:*:*:*:*:*:*:*']",0,0
CVE-2022-21799,ELECOM,0.00055,5.2,0.0,1.0,0.0,0.0,0,2022-02-08,1.0,2022-02-08,,,1.0,Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R firmware v1.13 and earlier allows an attacker on the adjacent network to inject an arbitrary script via unspecified vectors.,CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,ADJACENT_NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.1,2.7,['CWE-79'],"['cpe:2.3:o:elecom:wrc-300febk-r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-300febk-r:-:*:*:*:*:*:*:*']",0,0
CVE-2022-25915,ELECOM,0.00068,8.8,0.0,1.0,0.0,1.0,0,2022-03-31,1.0,2021-11-30,,,1.0,"Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-Other'],"['cpe:2.3:h:elecom:wrc-1167gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2a:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2a_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gst2h:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gst2h_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gs2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gs2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gs:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gs_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gsv:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gsv_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gsta_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gsta:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-2533gst2-g_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-2533gst2-g:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:edwrc-2533gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:edwrc-2533gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gs2-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gs2-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1167gs2h-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1167gs2h-b:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wmc-dlgst2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wmc-dlgst2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wmc-m1267gst2-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wmc-m1267gst2-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wmc-2hc-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wmc-2hc-w:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wmc-c2533gst-w_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wmc-c2533gst-w:-:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst2:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1900gst2sp_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1900gst2sp:-:*:*:*:*:*:*:*', 'cpe:2.3:o:elecom:wrc-1750gst2_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:elecom:wrc-1750gst2:-:*:*:*:*:*:*:*']",0,0
CVE-2021-32234,Smarter,0.01297,9.8,0.0,0.0,1.0,0.0,1,2021-11-17,1.0,2021-10-14,,,1.0,SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['NVD-CWE-noinfo'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2017-14620,Smarter,0.00261,6.1,1.0,0.0,1.0,0.0,0,2017-09-30,1.0,2017-09-28,,,1.0,SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:smartertools:smarterstats:11.3.6347:*:*:*:*:*:*:*'],1,0
CVE-2019-7211,Smarter,0.00084,6.1,0.0,0.0,1.0,0.0,0,2019-04-24,1.0,2019-02-26,,,1.0,SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment.,CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7212,Smarter,0.00255,8.2,0.0,0.0,1.0,0.0,0,2019-04-24,1.0,2019-02-25,,,1.0,SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users’ emails and file attachments. It was also possible to interact with mailing lists.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,LOW,NONE,HIGH,3.9,4.2,['CWE-798'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7213,Smarter,0.00062,6.5,0.0,0.0,1.0,0.0,0,2019-04-24,1.0,2019-02-25,,,1.0,SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the web directories.,CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,LOW,NONE,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['CWE-22'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2019-7214,Smarter,0.81423,9.8,1.0,0.0,1.0,0.0,0,2019-04-24,1.0,2019-02-25,,,1.0,SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-502'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],1,0
CVE-2020-15501,Smarter,0.00082,6.5,0.0,1.0,0.0,0.0,0,2020-10-07,0.0,,1.0,,,Smarter Coffee Maker before 2nd generation allows firmware replacement without authentication or authorization. User interaction is required to press a button. NOTE: This vulnerability only affects products that are no longer supported by the maintainer,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,NONE,HIGH,NONE,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:smarter:smarter_coffee_maker_1st_generation:-:*:*:*:*:*:*:*', 'cpe:2.3:h:smarter:smarter_coffee_maker_1st_generation:-:*:*:*:*:*:*:*']",0,0
CVE-2020-29548,Smarter,0.00308,8.1,0.0,0.0,1.0,0.0,0,2021-08-17,1.0,2020-08-27,,,1.0,"An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session.",CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.2,5.9,['CWE-77'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2021-32233,Smarter,0.00078,6.1,0.0,0.0,1.0,0.0,0,2021-07-06,1.0,2021-10-14,,,0.0,SmarterTools SmarterMail before Build 7776 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2021-40377,Smarter,0.00054,5.4,0.0,0.0,1.0,0.0,0,2021-09-08,1.0,2021-07-28,,,1.0,"SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.",CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,LOW,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.3,2.7,['CWE-79'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2021-43977,Smarter,0.00084,6.1,0.0,0.0,1.0,0.0,0,2021-11-17,1.0,2021-10-14,,,1.0,SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N,NETWORK,LOW,NONE,REQUIRED,CHANGED,LOW,LOW,NONE,MEDIUM,2.8,2.7,['CWE-79'],['cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*'],0,0
CVE-2021-3788,Binatone,0.00069,6.8,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,"['CWE-287', 'CWE-1299']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3789,Binatone,0.00061,4.6,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages.,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,"['CWE-326', 'CWE-522']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3790,Binatone,0.00084,6.5,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,"['CWE-120', 'CWE-121']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3791,Binatone,0.0007,6.5,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,2.8,3.6,['CWE-532'],"['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3792,Binatone,0.00084,5.3,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,['CWE-319'],"['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3793,Binatone,0.00089,5.3,0.0,1.0,0.0,1.0,1,2021-11-12,1.0,2021-09-14,,,1.0,An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,LOW,NONE,NONE,MEDIUM,3.9,1.4,"['NVD-CWE-Other', 'CWE-424']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3577,Binatone,0.95956,8.8,0.0,1.0,0.0,1.0,0,2021-11-12,1.0,2021-09-14,,,1.0,An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker on the same network unauthorized access to the device.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-863', 'CWE-78']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2021-3787,Binatone,0.00042,7.8,0.0,1.0,0.0,1.0,0,2021-11-12,1.0,2021-09-14,,,1.0,A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services.,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,LOCAL,LOW,LOW,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.8,5.9,"['NVD-CWE-noinfo', 'CWE-256']","['cpe:2.3:o:binatoneglobal:halo\\+_camera_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:halo\\+_camera:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_85_connect_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3855_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_68_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_68:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v100:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:focus_72r_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:focus_72r:v200:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn28_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn28:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn50_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn50:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:comfort_50_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:comfort_50_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp4855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp4855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp3667_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp3667:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp669_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp669_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_64_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_64:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_view_65_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_view_65:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:lux_85_connect_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:lux_85_connect:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:ease44_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:ease44:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:connect_20_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:connect_20:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:mbp6855_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:mbp6855:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn40_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn40:-:*:*:*:*:*:*:*', 'cpe:2.3:o:binatoneglobal:cn75_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:binatoneglobal:cn75:-:*:*:*:*:*:*:*']",0,0
CVE-2017-5249,Wink,0.00222,9.8,0.0,0.0,1.0,0.0,0,2018-02-22,1.0,2019-05-10,,,0.0,"In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,"['CWE-312', 'CWE-922']",['cpe:2.3:a:wink:wink:*:*:*:*:*:android:*:*'],0,0
CVE-2018-16618,VTech,0.00749,9.8,0.0,1.0,0.0,0.0,0,2019-06-19,1.0,2018-05-31,,,1.0,"VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters followed by the name of an Android activity to start. Activities are started by inserting their name into a string that is executed in a shell command. By inserting metacharacters this can be exploited to run arbitrary commands as root. The requests also match those of the HTTP protocol and can be triggered on any web page rendered on the device by requesting resources stored at an http://127.0.0.1:1668/ URI, as demonstrated by the http://127.0.0.1:1668/dacdb70556479813fab2d92896596eef?';{ping,example.org}' URL.",CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-78'],"['cpe:2.3:o:vtech:storio_max_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183803:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183804:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183805:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183807:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183822:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183823:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-183824:-:*:*:*:*:*:*:*', 'cpe:2.3:h:vtech:80-1838xx:-:*:*:*:*:*:*:*']",0,0
CVE-2018-18558,Espressif,0.00079,6.4,0.0,0.0,1.0,0.0,0,2019-05-13,1.0,2018-11-01,,,1.0,"An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that overwrites a bootloader code segment in process_segment in components/bootloader_support/src/esp_image_format.c. The attack is effective when the flash encryption feature is not enabled, or if the attacker finds a different vulnerability that allows them to write this binary to flash memory.",CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.5,5.9,['CWE-20'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*']",0,0
CVE-2019-12586,Espressif,0.00176,6.5,0.0,0.0,1.0,0.0,0,2019-09-04,1.0,2019-09-05,,,0.0,"The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:a:espressif:arduino-esp32:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:arduino-esp32:1.0.3:-:*:*:*:*:*:*', 'cpe:2.3:a:espressif:arduino-esp32:1.0.3:rc1:*:*:*:*:*:*', 'cpe:2.3:a:espressif:arduino-esp32:1.0.3:rc2:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-12587,Espressif,0.00172,8.1,0.0,0.0,1.0,0.0,0,2019-09-04,1.0,2019-09-05,,,0.0,"The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.",CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,HIGH,2.8,5.2,['CWE-327'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-12588,Espressif,0.00163,6.5,0.0,0.0,1.0,0.0,0,2019-09-04,1.0,2019-09-05,,,0.0,"The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:a:espressif:arduino_esp8266:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2019-15894,Espressif,0.00079,6.8,0.0,0.0,1.0,0.0,0,2019-10-07,0.0,,1.0,2019-09-03,,"An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.6, 3.2.x through 3.2.3, and 3.3.x through 3.3.1. An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup, and boot unverified code from flash. The fault injection attack does not disable the Flash Encryption feature, so if the ESP32 is configured with the recommended combination of Secure Boot and Flash Encryption, then the impact is minimized. If the ESP32 is configured without Flash Encryption then successful fault injection allows arbitrary code execution. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field if it is not already permanently enabled.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,MEDIUM,0.9,5.9,['CWE-755'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*']",0,0
CVE-2019-17391,Espressif,0.00061,4.6,0.0,1.0,0.0,1.0,0,2019-11-14,0.0,,1.0,2019-11-01,,"An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-08 0 through 2. Lack of anti-glitch mitigations in the first stage bootloader of the ESP32 chip allows an attacker (with physical access to the device) to read the contents of read-protected eFuses, such as flash encryption and secure boot keys, by injecting a glitch into the power supply of the chip shortly after reset.",CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,PHYSICAL,LOW,NONE,NONE,UNCHANGED,HIGH,NONE,NONE,MEDIUM,0.9,3.6,['CWE-755'],"['cpe:2.3:o:espressif:esp32-d0wd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32-d0wd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:espressif:esp32-d2wd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32-d2wd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:espressif:esp32-s0wd_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32-s0wd:-:*:*:*:*:*:*:*', 'cpe:2.3:o:espressif:esp32-pico-d4_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32-pico-d4:-:*:*:*:*:*:*:*']",0,0
CVE-2020-12638,Espressif,0.00083,6.8,0.0,0.0,1.0,0.0,0,2020-07-23,1.0,2021-02-26,,,0.0,"An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption.",CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,NONE,MEDIUM,1.6,5.2,['CWE-287'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp8266_rtos_sdk:*:*:*:*:*:*:*:*']",0,0
CVE-2020-13594,Espressif,0.00093,6.5,0.0,1.0,1.0,0.0,0,2020-08-31,1.0,2020-07-14,,,1.0,"The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-20'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*']",0,0
CVE-2020-13595,Espressif,0.00093,6.5,0.0,1.0,1.0,0.0,0,2020-08-31,1.0,2020-07-14,,,1.0,The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-617'],"['cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*']",0,0
CVE-2020-16146,Espressif,0.00163,7.5,0.0,0.0,1.0,0.0,0,2021-01-12,0.0,,0.0,,,"Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['CWE-120'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28135,Espressif,0.00144,6.5,0.0,0.0,1.0,0.0,0,2021-09-07,0.0,,0.0,,,"The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['NVD-CWE-Other'],['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*'],0,0
CVE-2021-28136,Espressif,0.00115,6.5,0.0,1.0,1.0,0.0,0,2021-09-07,0.0,,0.0,,,"The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,MEDIUM,2.8,3.6,['CWE-787'],"['cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*']",0,0
CVE-2021-28139,Espressif,0.00154,8.8,0.0,1.0,1.0,0.0,0,2021-09-07,0.0,,0.0,,,"The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly restrict the Feature Page upon reception of an LMP Feature Response Extended packet, allowing attackers in radio range to trigger arbitrary code execution in ESP32 via a crafted Extended Features bitfield payload.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['NVD-CWE-noinfo'],"['cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*']",0,0
CVE-2021-34173,Espressif,0.00117,7.5,0.0,1.0,0.0,1.0,0,2021-07-14,0.0,,0.0,,,An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,NONE,HIGH,HIGH,3.9,3.6,['NVD-CWE-noinfo'],"['cpe:2.3:o:espressif:esp32_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*']",0,0
CVE-2021-41104,Espressif,0.00086,7.5,0.0,1.0,0.0,0.0,0,2021-09-28,1.0,2021-09-02,,,1.0,"ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over-the-air (OTA) updates without checking user defined basic auth username & password. This issue is patched in version 2021.9.2. As a workaround, one may disable or remove `web_server`.",CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,NETWORK,LOW,NONE,NONE,UNCHANGED,NONE,HIGH,NONE,HIGH,3.9,3.6,['CWE-306'],"['cpe:2.3:o:esphome:esphome_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*', 'cpe:2.3:h:espressif:esp8266:-:*:*:*:*:*:*:*']",0,0
CVE-2022-24893,Espressif,0.00088,8.8,0.0,0.0,1.0,0.0,0,2022-06-25,0.0,,1.0,2022-06-23,,"ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a memory corruption vulnerability can be triggered during provisioning, because there is no check for the `SegN` field of the Transaction Start PDU. This can result in memory corruption related attacks and potentially attacker gaining control of the entire system. Patch commits are available on the 4.1, 4.2, 4.3 and 4.4 branches and users are recommended to upgrade. The upgrade is applicable for all applications and users of `ESP-BLE-MESH` component from `ESP-IDF`. As it is implemented in the Bluetooth Mesh stack, there is no workaround for the user to fix the application layer without upgrading the underlying firmware.",CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,['CWE-787'],"['cpe:2.3:a:espressif:esp-idf:4.1.3:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:4.2.3:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:4.3.2:*:*:*:*:*:*:*', 'cpe:2.3:a:espressif:esp-idf:4.4.1:*:*:*:*:*:*:*']",0,0
CVE-2020-13109,Nintendo,0.01471,9.8,0.0,1.0,0.0,0.0,0,2020-05-16,0.0,,0.0,,,Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand to top-level command 7) has a stack-based buffer overflow.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-787'],"['cpe:2.3:a:seta:morita_shogi_64:*:*:*:*:*:*:*:*', 'cpe:2.3:h:nintendo:nintendo_64:-:*:*:*:*:*:*:*']",0,0
CVE-2022-3216,Nintendo,0.00211,8.8,0.0,1.0,0.0,1.0,0,2022-09-14,0.0,,0.0,,,A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This vulnerability affects unknown code of the component Mobile Adapter GB. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-208606 is the identifier assigned to this vulnerability.,CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,REQUIRED,UNCHANGED,HIGH,HIGH,HIGH,HIGH,2.8,5.9,"['CWE-674', 'CWE-119']","['cpe:2.3:o:nintendo:game_boy_color_firmware:-:*:*:*:*:*:*:*', 'cpe:2.3:h:nintendo:game_boy_color:-:*:*:*:*:*:*:*']",0,0
CVE-2020-21224,Inspur,0.06073,9.8,0.0,0.0,1.0,0.0,0,2021-02-22,1.0,2021-02-23,,,0.0,A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-88'],['cpe:2.3:a:inspur:clusterengine:4.0:*:*:*:*:*:*:*'],0,0
CVE-2020-26122,Inspur,0.00959,7.2,0.0,1.0,0.0,1.0,0,2020-12-07,1.0,2021-03-02,,,0.0,"Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in checking the firmware and lacks the signature verification mechanism, the attacker who obtains the administrator's rights can control the BMC by inserting malicious code into the firmware program and bypassing the current verification mechanism to upgrade the BMC.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-347'],"['cpe:2.3:o:inspur:nf8480m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf8480m5:-:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf8260m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf8260m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:ns5162m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:ns5162m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:ns5488m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:ns5488m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:ns5484m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:ns5484m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:ns5482m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:ns5482m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5280m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5280m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5468m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5468m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5488m5-d:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5488m5-d_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5180m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5180m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5270m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5270m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5260m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5260m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5266m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5266m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5466m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5466m5:-:*:*:*:*:*:*:*', 'cpe:2.3:o:inspur:nf5486m5_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:inspur:nf5486m5:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27483,Garmin,0.00421,9.9,0.0,1.0,0.0,0.0,0,2020-11-16,1.0,2020-10-05,,,1.0,"Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided for the stack value duplication instruction, DUP. The offset is unchecked and memory prior to the start of the execution stack can be read and treated as a TVM object. A successful exploit could use the vulnerability to leak runtime information such as the heap handle or pointer for a number of TVM context variables. Some reachable values may be controlled enough to forge a TVM object on the stack, leading to possible remote code execution.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-129'],"['cpe:2.3:o:garmin:forerunner_235_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:garmin:forerunner_235:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27484,Garmin,0.00153,9.9,0.0,1.0,0.0,0.0,0,2020-11-16,1.0,2020-10-05,,,1.0,"Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow when allocating the array for the NEWA instruction. This a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-190'],"['cpe:2.3:o:garmin:forerunner_235_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:garmin:forerunner_235:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27485,Garmin,0.00131,9.9,0.0,1.0,0.0,0.0,0,2020-11-16,1.0,2020-10-05,,,1.0,"Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index provided when accessing the local variable in the LGETV and LPUTV instructions. This provides the ability to both read and write memory outside the bounds of the TVM context allocation. It can be leveraged to construct a use-after-free scenario, leading to a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-129'],"['cpe:2.3:o:garmin:forerunner_235_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:garmin:forerunner_235:-:*:*:*:*:*:*:*']",0,0
CVE-2020-27486,Garmin,0.00121,9.9,0.0,1.0,0.0,0.0,0,2020-11-16,1.0,2020-10-05,,,1.0,"Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length provided in the data section of the PRG file. It allocates memory for the string immediately, and then copies the string into the TVM object by using a function similar to strcpy. This copy can exceed the length of the allocated string data and overwrite heap data. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.",CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,NETWORK,LOW,LOW,NONE,CHANGED,HIGH,HIGH,HIGH,CRITICAL,3.1,6.0,['CWE-120'],"['cpe:2.3:o:garmin:forerunner_235_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:garmin:forerunner_235:-:*:*:*:*:*:*:*']",0,0
CVE-2021-27132,Sercomm,0.04033,9.8,0.0,1.0,0.0,1.0,0,2021-02-27,0.0,,1.0,2021-02-08,,SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,CRITICAL,3.9,5.9,['CWE-74'],"['cpe:2.3:h:sercomm:agcombo_vd625:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sercomm:agcombo_vd625_firmware:agsot_2.1.0:*:*:*:*:*:*:*']",0,0
CVE-2021-44080,Sercomm,0.0024,7.2,0.0,1.0,0.0,1.0,0,2022-06-02,1.0,2021-10-18,,,1.0,"A Command Injection vulnerability in httpd web server (setup.cgi) in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connection_type parameter of the statussupport_diagnostic_tracing.json endpoint.",CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,NETWORK,LOW,HIGH,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.2,5.9,['CWE-78'],"['cpe:2.3:h:sercomm:h500s:-:*:*:*:*:*:*:*', 'cpe:2.3:o:sercomm:h500s_firmware:lowi-h500s-v3.4.22:*:*:*:*:*:*:*']",0,0
CVE-2021-29255,MicroSeven,0.00147,7.5,0.0,1.0,0.0,1.0,0,2021-03-26,0.0,,0.0,,,MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials.,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,ADJACENT_NETWORK,HIGH,NONE,NONE,UNCHANGED,HIGH,HIGH,HIGH,HIGH,1.6,5.9,['CWE-522'],"['cpe:2.3:o:microseven:mym71080i-b_firmware:*:*:*:*:*:*:*:*', 'cpe:2.3:h:microseven:mym71080i-b:-:*:*:*:*:*:*:*']",0,0