|
247481
|
5.3 |
MEDIUM
Network
|
cisco
|
ios_xr
|
A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-6599
|
2024-11-21 12:30 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247482
|
6.7 |
MEDIUM
Local
|
cisco
|
unified_computing_system
firepower_extensible_operating_system
|
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security …
|
CWE-862
Missing Authorization
|
CVE-2017-6598
|
2024-11-21 12:30 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247483
|
8.8 |
HIGH
Network
|
gmv
|
checker_atm_security
|
GMV Checker ATM Security prior to 5.0.18 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka PT-2017-03.
|
NVD-CWE-noinfo
|
CVE-2017-6968
|
2024-11-21 12:30 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247484
|
6.8 |
MEDIUM
Physics
|
apple
|
iphone_os
|
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6975
|
2024-11-21 12:30 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247485
|
8.8 |
HIGH
Adjacent
|
broadcom
|
hardmac_wi-fi_soc_firmware
|
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6956
|
2024-11-21 12:30 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247486
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the system-installation subsystem of the "System Integrity Protection" component. It allows att…
|
CWE-20
Improper Input Validation
|
CVE-2017-6974
|
2024-11-21 12:30 |
2017-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247487
|
4.8 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. Thi…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6973
|
2024-11-21 12:30 |
2017-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247488
|
5.4 |
MEDIUM
Network
|
siemens
|
ruggedcom_rox_i
|
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow an authenticated user to perform stored Cross-Site Scripting attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6864
|
2024-11-21 12:30 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247489
|
7.8 |
HIGH
Local
|
canonical
debian
|
ubuntu_linux
debian_linux
|
dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute cod…
|
CWE-252
Unchecked Return Value
|
CVE-2017-6964
|
2024-11-21 12:30 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247490
|
5.4 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6878
|
2024-11-21 12:30 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
