|
253231
|
5.4 |
MEDIUM
Network
|
hp
|
performance_center
|
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14359
|
2024-11-21 12:12 |
2017-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253232
|
7.8 |
HIGH
Local
|
emc
|
appsync
|
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14376
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253233
|
9.8 |
CRITICAL
Network
|
emc
dell
|
vmax_emanagement
vasa
solutions_enabler
emc_unisphere
|
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512,…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2017-14375
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253234
|
8.8 |
HIGH
Network
|
mahara
|
mahara
|
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5, and 17.x before 17.04.3. When one closes the browser without logging out of Mahara, the value in the us…
|
CWE-384
Session Fixation
|
CVE-2017-14163
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253235
|
6.1 |
MEDIUM
Network
|
hp
|
arcsight_enterprise_security_manager
arcsight_enterprise_security_manager_express
|
A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited r…
|
CWE-601
Open Redirect
|
CVE-2017-14358
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253236
|
6.1 |
MEDIUM
Network
|
hp
|
arcsight_enterprise_security_manager
arcsight_enterprise_security_manager_express
|
A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could …
|
CWE-79
Cross-site Scripting
|
CVE-2017-14357
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253237
|
9.8 |
CRITICAL
Network
|
hp
|
arcsight_enterprise_security_manager
arcsight_enterprise_security_manager_express
|
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQ…
|
CWE-89
SQL Injection
|
CVE-2017-14356
|
2024-11-21 12:12 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253238
|
6.1 |
MEDIUM
Network
|
emc
|
rsa_authentication_manager
|
EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14373
|
2024-11-21 12:12 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253239
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortios
|
A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to…
|
CWE-20
Improper Input Validation
|
CVE-2017-14182
|
2024-11-21 12:12 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253240
|
8.1 |
HIGH
Network
|
extremenetworks
|
extremexos
|
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
|
NVD-CWE-noinfo
|
CVE-2017-14332
|
2024-11-21 12:12 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
