VulnerableCode Vulnerability Details

System	Score	Found at
cvssv3	4.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json
epss	0.00289	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.00289	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.00289	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.00289	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.00289	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.006	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
epss	0.00617	https://api.first.org/data/v1/epss?cve=CVE-2018-5407
cvssv3	4.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2	1.9	https://nvd.nist.gov/vuln/detail/CVE-2018-5407
cvssv3.1	4.7	https://nvd.nist.gov/vuln/detail/CVE-2018-5407

System

Score

Found at

cvssv3

4.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json

epss

0.00289

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.00289

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.00289

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.00289

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.00289

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.006

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

epss

0.00617

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

cvssv3

4.8

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv2

1.9

https://nvd.nist.gov/vuln/detail/CVE-2018-5407

cvssv3.1

4.7

https://nvd.nist.gov/vuln/detail/CVE-2018-5407

Reference id	Reference type	URL
		https://access.redhat.com/errata/RHSA-2019:0483
		https://access.redhat.com/errata/RHSA-2019:0651
		https://access.redhat.com/errata/RHSA-2019:0652
		https://access.redhat.com/errata/RHSA-2019:2125
		https://access.redhat.com/errata/RHSA-2019:3929
		https://access.redhat.com/errata/RHSA-2019:3931
		https://access.redhat.com/errata/RHSA-2019:3932
		https://access.redhat.com/errata/RHSA-2019:3933
		https://access.redhat.com/errata/RHSA-2019:3935
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-5407
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0737
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
		https://eprint.iacr.org/2018/1060.pdf
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/bbbrumley/portsmash
		https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html
		https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
		https://security.gentoo.org/glsa/201903-10
		https://security.netapp.com/advisory/ntap-20181126-0001/
		https://support.f5.com/csp/article/K49711130?utm_source=f5support&amp%3Butm_medium=RSS
		https://www.debian.org/security/2018/dsa-4348
		https://www.debian.org/security/2018/dsa-4355
		https://www.exploit-db.com/exploits/45785/
		https://www.oracle.com/security-alerts/cpuapr2020.html
		https://www.oracle.com/security-alerts/cpujan2020.html
		https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
		https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
		https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
		https://www.tenable.com/security/tns-2018-16
		https://www.tenable.com/security/tns-2018-17
		http://www.securityfocus.com/bid/105897
1645695		https://bugzilla.redhat.com/show_bug.cgi?id=1645695
cpe:2.3:a:nodejs:node.js::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js::::::::
cpe:2.3:a:openssl:openssl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:::::::*
cpe:2.3:a:oracle:application_server:0.9.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:0.9.8:::::::*
cpe:2.3:a:oracle:application_server:1.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:1.0.0:::::::*
cpe:2.3:a:oracle:application_server:1.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:1.0.1:::::::*
cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
cpe:2.3:a:oracle:mysql_enterprise_backup::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_enterprise_backup::::::::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:::::::*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:::::::*
cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:::::::*
cpe:2.3:a:oracle:vm_virtualbox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox::::::::
cpe:2.3:a:tenable:nessus::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-5407	Exploit	https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56
CVE-2018-5407	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/local/45785.md
CVE-2018-5407		https://nvd.nist.gov/vuln/detail/CVE-2018-5407
USN-3840-1		https://usn.ubuntu.com/3840-1/

Reference id

Reference type

URL

https://access.redhat.com/errata/RHSA-2019:0483

https://access.redhat.com/errata/RHSA-2019:0651

https://access.redhat.com/errata/RHSA-2019:0652

https://access.redhat.com/errata/RHSA-2019:2125

https://access.redhat.com/errata/RHSA-2019:3929

https://access.redhat.com/errata/RHSA-2019:3931

https://access.redhat.com/errata/RHSA-2019:3932

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json

https://api.first.org/data/v1/epss?cve=CVE-2018-5407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0737

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407

https://eprint.iacr.org/2018/1060.pdf

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://github.com/bbbrumley/portsmash

https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html

https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/

https://security.gentoo.org/glsa/201903-10

https://security.netapp.com/advisory/ntap-20181126-0001/

https://support.f5.com/csp/article/K49711130?utm_source=f5support&amp%3Butm_medium=RSS

https://www.debian.org/security/2018/dsa-4348

https://www.debian.org/security/2018/dsa-4355

https://www.exploit-db.com/exploits/45785/

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.tenable.com/security/tns-2018-16

https://www.tenable.com/security/tns-2018-17

http://www.securityfocus.com/bid/105897

1645695

https://bugzilla.redhat.com/show_bug.cgi?id=1645695

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:0.9.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:application_server:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2018-5407

Exploit

https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56

CVE-2018-5407

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/local/45785.md

CVE-2018-5407

https://nvd.nist.gov/vuln/detail/CVE-2018-5407

USN-3840-1

https://usn.ubuntu.com/3840-1/

Data source	Exploit-DB
Date added	Nov. 5, 2018
Description	Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
Ransomware campaign use	Unknown
Source publication date	Nov. 2, 2018
Exploit type	local
Platform	hardware
Source update date	Nov. 5, 2018
Source URL	https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56

Exploit-DB

Nov. 5, 2018

Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel

Unknown

Nov. 2, 2018

local

hardware

Nov. 5, 2018

https://github.com/bbbrumley/portsmash/tree/e3e7447ba04e1a8a5637cabadf3403faf94f7a56

Vector: CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-5407

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2018-5407

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:35:10.317319+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3840-1/	37.0.0

2025-07-31T08:35:10.317319+00:00

Ubuntu USN Importer

Import

https://usn.ubuntu.com/3840-1/

37.0.0

Vulnerability ID	VCID-d8fm-3z5t-kqd4
Aliases	CVE-2018-5407
Summary	Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Status	Published
Exploitability	2.0
Weighted Severity	4.3
Risk	8.6
Affected and Fixed Packages	Package Details

CWE-203	Observable Discrepancy
CWE-200	Exposure of Sensitive Information to an Unauthorized Actor

Percentile	0.52232
EPSS Score	0.00289
Published At	Aug. 1, 2025, 12:55 p.m.