|
250721
|
5.9 |
MEDIUM
Network
|
openssl
debian
|
openssl
debian_linux
|
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and w…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-3737
|
2024-11-21 12:26 |
2017-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250722
|
5.9 |
MEDIUM
Network
|
vmware
|
nsx-v_edge
|
The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may expl…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-4920
|
2024-11-21 12:26 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250723
|
5.3 |
MEDIUM
Network
|
lenovo
|
xclarity_administrator
|
A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated users with access to the LXCA web user interface. N…
|
CWE-200
Information Exposure
|
CVE-2017-3764
|
2024-11-21 12:26 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250724
|
8.1 |
HIGH
Network
|
vmware
|
spring_security
|
An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vul…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-4995
|
2024-11-21 12:26 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250725
|
7.8 |
HIGH
Local
|
vmware
|
workstation
|
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL…
|
CWE-426
Untrusted Search Path
|
CVE-2017-4939
|
2024-11-21 12:26 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250726
|
6.5 |
MEDIUM
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-4938
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250727
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4937
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250728
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4936
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250729
|
8.8 |
HIGH
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-4934
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250730
|
6.1 |
MEDIUM
Network
|
vmware
|
nsx_edge
|
VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure.
|
CWE-79
Cross-site Scripting
|
CVE-2017-4929
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
