CylanceVulnResearch/disclosures

Releases0

Stars17

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-3197 ↗	Jul 9, 2018Monday, 9 July 2018, 19:29	—	10 HIGH
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash.
CVE-2016-5640 ↗	Aug 3, 2016Wednesday, 3 August 2016, 01:59	—	10 HIGH
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.
CVE-2016-5639 ↗	Aug 3, 2016Wednesday, 3 August 2016, 01:59	—	5 MEDIUM
Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter.