|
257591
|
6.1 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4011
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257592
|
9.6 |
CRITICAL
Adjacent
|
cisco
|
small_business_rv_router_firmware
small_business_rv_router_firmware_1.0
|
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3882
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257593
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected devi…
|
NVD-CWE-noinfo
|
CVE-2017-3876
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257594
|
7.5 |
HIGH
Adjacent
|
cisco
|
aironet_access_point_firmware
|
A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an un…
|
CWE-20
Improper Input Validation
|
CVE-2017-3873
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257595
|
7.5 |
HIGH
Network
|
cisco
|
telepresence_tc
telepresence_ce
|
A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to …
|
CWE-20
Improper Input Validation
|
CVE-2017-3825
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257596
|
6.1 |
MEDIUM
Network
|
blackberry
|
enterprise_service
unified_endpoint_manager
|
A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3894
|
2024-11-21 12:26 |
2017-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257597
|
3.8 |
LOW
Local
|
vmware
|
airwatch_agent
airwatch_inbox
|
Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthoriz…
|
NVD-CWE-noinfo
|
CVE-2017-4896
|
2024-11-21 12:26 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257598
|
8.8 |
HIGH
Local
|
vmware
|
airwatch_agent
airwatch_inbox
|
Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access…
|
NVD-CWE-noinfo
|
CVE-2017-4895
|
2024-11-21 12:26 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257599
|
9.8 |
CRITICAL
Network
|
emc
|
mainframe_enablers_resourcepak_base
|
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise t…
|
CWE-269
Improper Privilege Management
|
CVE-2017-4982
|
2024-11-21 12:26 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257600
|
7.5 |
HIGH
Network
|
openssl
hp
|
openssl
operations_agent
|
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (d…
|
CWE-20
Improper Input Validation
|
CVE-2017-3733
|
2024-11-21 12:26 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
