|
256091
|
5.5 |
MEDIUM
Local
|
lenovo
|
active_protection_system
|
In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the sys…
|
NVD-CWE-noinfo
|
CVE-2017-3740
|
2024-11-21 12:26 |
2017-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256092
|
5.5 |
MEDIUM
Local
|
vmware
|
horizon_daas
|
VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a mal…
|
CWE-20
Improper Input Validation
|
CVE-2017-4897
|
2024-11-21 12:26 |
2017-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256093
|
6.5 |
MEDIUM
Network
|
vmware
|
workstation_player
workstation_pro
|
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privilege…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-4916
|
2024-11-21 12:26 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256094
|
7.8 |
HIGH
Local
|
vmware
|
workstation_player
workstation_pro
|
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to …
|
CWE-863
Incorrect Authorization
|
CVE-2017-4915
|
2024-11-21 12:26 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256095
|
7.1 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneF…
|
NVD-CWE-noinfo
|
CVE-2017-4979
|
2024-11-21 12:26 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256096
|
5.4 |
MEDIUM
Network
|
rsa
|
adaptive_authentication_\(on_premise\)
|
EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 (exclusive) contains a fix for a cross-site scripting vulnerability that could potentially be exploited by malicious users to com…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4978
|
2024-11-21 12:26 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256097
|
7.2 |
HIGH
Network
|
mcafee
|
epolicy_orchestrator
|
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choic…
|
CWE-22
Path Traversal
|
CVE-2017-3980
|
2024-11-21 12:26 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256098
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface.
|
CWE-200
Information Exposure
|
CVE-2017-4017
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256099
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header.
|
CWE-200
Information Exposure
|
CVE-2017-4016
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256100
|
4.5 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2017-4015
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
