|
247871
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5006
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247872
|
8.8 |
HIGH
Local
|
cisco
|
unified_computing_system_director
|
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privil…
|
CWE-863
Incorrect Authorization
|
CVE-2017-3801
|
2024-11-21 12:26 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247873
|
5.4 |
MEDIUM
Network
|
mcafee
|
epolicy_orchestrator
|
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing …
|
CWE-79
Cross-site Scripting
|
CVE-2017-3902
|
2024-11-21 12:26 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247874
|
5.9 |
MEDIUM
Network
|
mcafee
|
mcafee_agent
|
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters v…
|
CWE-20
Improper Input Validation
|
CVE-2017-3896
|
2024-11-21 12:26 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247875
|
7.8 |
HIGH
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with th…
|
CWE-862
Missing Authorization
|
CVE-2017-3813
|
2024-11-21 12:26 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247876
|
8.8 |
HIGH
Network
|
cisco
|
adaptive_security_appliance_software
|
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3807
|
2024-11-21 12:26 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247877
|
6.8 |
MEDIUM
Network
|
cisco
|
ios_xe
|
A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3824
|
2024-11-21 12:26 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247878
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More I…
|
CWE-20
Improper Input Validation
|
CVE-2017-3814
|
2024-11-21 12:26 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247879
|
6.8 |
MEDIUM
Network
|
cisco
|
industrial_ethernet_2000_series_firmware
|
A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a de…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-3812
|
2024-11-21 12:26 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247880
|
5.4 |
MEDIUM
Network
|
cisco
|
prime_service_catalog
|
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected s…
|
CWE-601
Open Redirect
|
CVE-2017-3810
|
2024-11-21 12:26 |
2017-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
