Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-03	CVE-2018-7787	Improper Input Validation vulnerability in Schneider-Electric U.Motion Builder 1.2.1 In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request. network low complexity schneider-electric CWE-20	5.3
2018-07-03	CVE-2018-7786	Cross-site Scripting vulnerability in Schneider-Electric U.Motion Builder 1.2.1 In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts. network low complexity schneider-electric CWE-79	6.1
2018-07-03	CVE-2018-7776	Information Exposure vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. network low complexity schneider-electric CWE-200	4.3
2018-07-03	CVE-2018-7770	Path Traversal vulnerability in Schneider-Electric U.Motion The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. network low complexity schneider-electric CWE-22	6.5
2018-07-03	CVE-2018-7764	Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. network low complexity schneider-electric CWE-22	4.3
2018-07-03	CVE-2018-7763	Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. network low complexity schneider-electric CWE-22	4.3
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	5.5
2018-05-18	CVE-2017-9637	Insufficiently Protected Credentials vulnerability in Schneider-Electric Ampla Manufacturing Execution System 6.4 Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. local high complexity schneider-electric CWE-522	4.1
2018-05-04	CVE-2018-7522	Unspecified vulnerability in Schneider-Electric Triconex Tricon MP 3008 Firmware 10.0 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. local low complexity schneider-electric	6.7