|
255651
|
7.5 |
HIGH
Network
|
apple
|
iphone_os
|
In iOS before 11.2, a type confusion issue was addressed with improved memory handling.
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2017-13888
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255652
|
7.5 |
HIGH
Network
|
apple
|
mac_os_x
|
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.
|
CWE-320
Key Management Errors
|
CVE-2017-13887
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255653
|
6.5 |
MEDIUM
Network
|
apple
|
mac_os_x
|
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions.
|
NVD-CWE-noinfo
|
CVE-2017-13886
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255654
|
7.5 |
HIGH
Network
|
iceqube
|
thermal_management_center_firmware
|
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
|
CWE-287
Improper Authentication
|
CVE-2017-14026
|
2024-11-21 12:11 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255655
|
6.5 |
MEDIUM
Network
|
netapp
|
oncommand_insight
|
NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface.
|
CWE-20
Improper Input Validation
|
CVE-2017-13652
|
2024-11-21 12:11 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255656
|
4.6 |
MEDIUM
Physics
|
bostonscientific
|
zoom_latitude_prm_3120_firmware
|
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14014
|
2024-11-21 12:11 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255657
|
4.6 |
MEDIUM
Physics
|
bostonscientific
|
zoom_latitude_prm_3120_firmware
|
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-14012
|
2024-11-21 12:11 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255658
|
7.8 |
HIGH
Local
|
spidercontrol
|
scada_microbrowser
|
In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-14010
|
2024-11-21 12:11 |
2018-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255659
|
4.8 |
MEDIUM
Network
|
broadcom
|
advanced_secure_gateway
symantec_proxysg
|
Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management cons…
|
CWE-79
Cross-site Scripting
|
CVE-2017-13678
|
2024-11-21 12:11 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255660
|
7.5 |
HIGH
Network
|
broadcom
|
advanced_secure_gateway
symantec_proxysg
|
Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service t…
|
NVD-CWE-noinfo
|
CVE-2017-13677
|
2024-11-21 12:11 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
