|
247981
|
9.8 |
CRITICAL
Network
|
emc
|
scaleio
|
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root pri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8020
|
2024-11-21 12:33 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247982
|
7.5 |
HIGH
Network
|
emc
|
scaleio
|
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets …
|
CWE-20
Improper Input Validation
|
CVE-2017-8019
|
2024-11-21 12:33 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247983
|
8.4 |
HIGH
Local
|
dell
|
emc_scaleio
|
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-8001
|
2024-11-21 12:33 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247984
|
9.8 |
CRITICAL
Network
|
pivotal_software
|
spring_advanced_message_queuing_protocol
|
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-8045
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247985
|
6.1 |
MEDIUM
Network
|
vmware
|
single_sign-on_for_pivotal_cloud_foundry
|
In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3), certain pages allow code to be injected into the DOM environment through query parameters, leading…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8044
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247986
|
5.9 |
MEDIUM
Network
|
pivotal
|
spring_web_flow
|
An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., …
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-8039
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247987
|
8.8 |
HIGH
Network
|
pivotal_software
|
credhub-release
|
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, th…
|
NVD-CWE-noinfo
|
CVE-2017-8038
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247988
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
cf-release
uaa-release
|
An issue was discovered in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1). In some ca…
|
NVD-CWE-noinfo
|
CVE-2017-8031
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247989
|
8.1 |
HIGH
Network
|
pivotal_software
debian
|
spring-ldap
debian_linux
|
In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some LDAP servers, when no additional attributes are bound, and when using LDAP BindAuthenticator with org.springframework.ldap.core.s…
|
CWE-287
Improper Authentication
|
CVE-2017-8028
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247990
|
5.5 |
MEDIUM
Local
|
huawei
|
p10_lite_firmware
|
Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization o…
|
CWE-863
Incorrect Authorization
|
CVE-2017-8216
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
