|
253201
|
8.8 |
HIGH
Network
|
fortinet
|
forticlient
forticlient_sslvpn_client
|
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334…
|
CWE-200
Information Exposure
|
CVE-2017-14184
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253202
|
9.8 |
CRITICAL
Network
|
changehealthcare
|
conserus_image_repository
|
A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change H…
|
CWE-611
XXE
|
CVE-2017-14101
|
2024-11-21 12:12 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253203
|
6.7 |
MEDIUM
Local
|
emc
|
isilon_onefs
|
In EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, 8.0.0.0 - 8.0.0.4, 7.2.1.0 - 7.2.1.5, 7.2.0.x, and 7.1.1.x, a malicious compliance admin (compadmin) account user could exploit a vulnerability in isi_…
|
CWE-269
Improper Privilege Management
|
CVE-2017-14380
|
2024-11-21 12:12 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253204
|
7.3 |
HIGH
Network
|
microfocus
|
project_and_portfolio_management
|
Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack.
|
CWE-352
Origin Validation Error
|
CVE-2017-14362
|
2024-11-21 12:12 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253205
|
7.4 |
HIGH
Network
|
microfocus
|
project_and_portfolio_management
|
Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack.
|
NVD-CWE-noinfo
|
CVE-2017-14361
|
2024-11-21 12:12 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253206
|
6.1 |
MEDIUM
Network
|
dell
|
2355dn_firmware
2335dn_firmware
|
The web user interface of Dell 2335dn and 2355dn Multifunction Laser Printers, firmware versions prior to V2.70.06.26 A13 and V2.70.45.34 A10 respectively, are affected by a cross-site scripting vuln…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14386
|
2024-11-21 12:12 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253207
|
9.8 |
CRITICAL
Network
|
dell
|
storage_manager
|
The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is protected using a hard-coded password. A remote user with the knowledge of the password might potentially d…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14374
|
2024-11-21 12:12 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253208
|
7.8 |
HIGH
Local
|
microfocus
|
connected_backup
|
A potential security vulnerability has been identified in HPE Connected Backup versions 8.6 and 8.8.6. The vulnerability could be exploited locally to allow escalation of privilege.
|
NVD-CWE-noinfo
|
CVE-2017-14355
|
2024-11-21 12:12 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253209
|
6.1 |
MEDIUM
Network
|
sap
|
businessobjects_financial_consolidation
|
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation before 2017-06-13, aka SAP Security Note 2422292.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14516
|
2024-11-21 12:12 |
2017-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253210
|
9.1 |
CRITICAL
Network
|
ohmibod
|
ohmibod_remote
|
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by sniffing network traffic for search responses from the OhMiBod API server and then editing the username, use…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2017-14487
|
2024-11-21 12:12 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
