|
252421
|
7.5 |
HIGH
Network
|
emc
|
data_domain_os
data_domain
|
An issue was discovered in EMC Data Domain DD OS 5.7 family, versions prior to 5.7.5.6; EMC Data Domain DD OS 6.0 family, versions prior to 6.0.2.9; EMC Data Domain DD OS 6.1 family, versions prior t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14385
|
2024-11-21 12:12 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252422
|
6.1 |
MEDIUM
Network
|
maplesoft
|
maple_t.a.
|
A Reflected XSS Vulnerability affects the forgotten password page of Maplesoft Maple T.A. 2016.0.6 (Customer Hosted) via the emailAddress parameter to passwordreset/PasswordReset.do, aka Open Bug Bou…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14134
|
2024-11-21 12:12 |
2017-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252423
|
6.1 |
MEDIUM
Network
|
trendmicro
|
scanmail
|
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14093
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252424
|
8.8 |
HIGH
Network
|
trendmicro
|
scanmail
|
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-c…
|
CWE-352
Origin Validation Error
|
CVE-2017-14092
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252425
|
7.5 |
HIGH
Network
|
trendmicro
|
scanmail
|
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensi…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2017-14091
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252426
|
9.1 |
CRITICAL
Network
|
trendmicro
|
scanmail
|
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-14090
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252427
|
8.8 |
HIGH
Network
|
fortinet
|
forticlient
forticlient_sslvpn_client
|
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334…
|
CWE-200
Information Exposure
|
CVE-2017-14184
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252428
|
9.8 |
CRITICAL
Network
|
changehealthcare
|
conserus_image_repository
|
A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change H…
|
CWE-611
XXE
|
CVE-2017-14101
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252429
|
6.7 |
MEDIUM
Local
|
emc
|
isilon_onefs
|
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_…
|
CWE-269
Improper Privilege Management
|
CVE-2017-14380
|
2024-11-21 12:12 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252430
|
7.3 |
HIGH
Network
|
microfocus
|
project_and_portfolio_management
|
Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack.
|
CWE-352
Origin Validation Error
|
CVE-2017-14362
|
2024-11-21 12:12 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
