|
250691
|
4.5 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2017-4015
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250692
|
8.0 |
HIGH
Network
|
mcafee
|
network_data_loss_prevention
|
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP requ…
|
CWE-384
Session Fixation
|
CVE-2017-4014
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250693
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header.
|
CWE-200
Information Exposure
|
CVE-2017-4013
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250694
|
6.5 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP re…
|
NVD-CWE-noinfo
|
CVE-2017-4012
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250695
|
6.1 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4011
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250696
|
9.6 |
CRITICAL
Adjacent
|
cisco
|
small_business_rv_router_firmware
small_business_rv_router_firmware_1.0
|
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3882
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250697
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected devi…
|
NVD-CWE-noinfo
|
CVE-2017-3876
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250698
|
7.5 |
HIGH
Adjacent
|
cisco
|
aironet_access_point_firmware
|
A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an un…
|
CWE-20
Improper Input Validation
|
CVE-2017-3873
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250699
|
7.5 |
HIGH
Network
|
cisco
|
telepresence_tc
telepresence_ce
|
A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to …
|
CWE-20
Improper Input Validation
|
CVE-2017-3825
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250700
|
6.1 |
MEDIUM
Network
|
blackberry
|
enterprise_service
unified_endpoint_manager
|
A stored cross site scripting vulnerability in the Management Console of BlackBerry Unified Endpoint Manager version 12.6.1 and earlier, and all versions of BES12, allows attackers to execute actions…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3894
|
2024-11-21 12:26 |
2017-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
