|
254951
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest…
|
-
|
CVE-2017-12188
|
2024-11-21 12:09 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254952
|
6.5 |
MEDIUM
Network
|
apache
|
nifi
|
An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was ap…
|
CWE-611
XXE
|
CVE-2017-12623
|
2024-11-21 12:09 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254953
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12270
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254954
|
5.4 |
MEDIUM
Network
|
cisco
|
spark
|
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12269
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254955
|
6.5 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Inter…
|
NVD-CWE-noinfo
|
CVE-2017-12268
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254956
|
5.3 |
MEDIUM
Network
|
cisco
|
wide_area_application_services
virtual_wide_area_application_services
|
A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12267
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254957
|
4.2 |
MEDIUM
Local
|
cisco
|
meeting_app
|
A vulnerability in the routine that loads DLL files in Cisco Meeting App for Windows could allow an authenticated, local attacker to run an executable file with privileges equivalent to those of Cisc…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-12266
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254958
|
5.3 |
MEDIUM
Network
|
cisco
|
meeting_server
|
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficie…
|
CWE-20
Improper Input Validation
|
CVE-2017-12264
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254959
|
6.1 |
MEDIUM
Network
|
cisco
|
adaptive_security_appliance
|
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12265
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254960
|
7.5 |
HIGH
Network
|
cisco
|
license_manager
|
A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka…
|
CWE-22
Path Traversal
|
CVE-2017-12263
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
