Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-13 CVE-2017-13095 Cryptographic Issues vulnerability in -
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant.
local
low complexity
CWE-310
7.8
2018-07-13 CVE-2017-13094 Cryptographic Issues vulnerability in -
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP.
local
low complexity
CWE-310
7.8
2018-07-13 CVE-2017-13093 Cryptographic Issues vulnerability in -
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans.
local
low complexity
CWE-310
7.8
2018-07-13 CVE-2017-13092 Cryptographic Issues vulnerability in -
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle.
local
low complexity
CWE-310
7.8
2018-07-13 CVE-2017-13091 Cryptographic Issues vulnerability in -
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle.
local
low complexity
CWE-310
7.8
2018-07-13 CVE-2016-9497 Improper Authentication vulnerability in Hughes products
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel.
low complexity
hughes CWE-287
8.8
2018-07-13 CVE-2016-9495 Use of Hard-coded Credentials vulnerability in Hughes products
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials.
low complexity
hughes CWE-798
8.8
2018-07-13 CVE-2016-9489 Permissions, Privileges, and Access Controls vulnerability in Zohocorp Manageengine Applications Manager 12.0/13.0
In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e.
network
low complexity
zohocorp CWE-264
8.8
2018-07-13 CVE-2016-9487 XXE vulnerability in W3 Epubcheck 4.0.1
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation.
local
low complexity
w3 CWE-611
7.8
2018-07-13 CVE-2016-9486 Permissions, Privileges, and Access Controls vulnerability in Forescout Secureconnector
On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent.
local
low complexity
forescout CWE-264
7.8