|
250531
|
6.1 |
MEDIUM
Network
|
vmware
|
esxi
|
The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-sit…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4940
|
2024-11-21 12:26 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250532
|
8.8 |
HIGH
Network
|
vmware
|
workstation_pro
esxi
fusion
|
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap ov…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-4933
|
2024-11-21 12:26 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250533
|
4.9 |
MEDIUM
Network
|
vmware
|
airwatch_console
|
VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administ…
|
NVD-CWE-noinfo
|
CVE-2017-4942
|
2024-11-21 12:26 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250534
|
5.9 |
MEDIUM
Network
|
openssl
debian
nodejs
|
openssl
debian_linux
node.js
|
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA…
|
CWE-200
Information Exposure
|
CVE-2017-3738
|
2024-11-21 12:26 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250535
|
5.9 |
MEDIUM
Network
|
openssl
debian
|
openssl
debian_linux
|
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and w…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-3737
|
2024-11-21 12:26 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250536
|
5.9 |
MEDIUM
Network
|
vmware
|
nsx-v_edge
|
The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may expl…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-4920
|
2024-11-21 12:26 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250537
|
5.3 |
MEDIUM
Network
|
lenovo
|
xclarity_administrator
|
A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. N…
|
CWE-200
Information Exposure
|
CVE-2017-3764
|
2024-11-21 12:26 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250538
|
8.1 |
HIGH
Network
|
vmware
|
spring_security
|
An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vul…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-4995
|
2024-11-21 12:26 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250539
|
7.8 |
HIGH
Local
|
vmware
|
workstation
|
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL…
|
CWE-426
Untrusted Search Path
|
CVE-2017-4939
|
2024-11-21 12:26 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250540
|
6.5 |
MEDIUM
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-4938
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
