|
248911
|
9.8 |
CRITICAL
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
|
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Ho…
|
CWE-287
Improper Authentication
|
CVE-2017-7420
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248912
|
6.1 |
MEDIUM
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
directory_server
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7421
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248913
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whi…
|
CWE-416
Use After Free
|
CVE-2017-7364
|
2024-11-21 12:31 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248914
|
9.8 |
CRITICAL
Network
|
aptus
|
styra_porttelefonkort_4400_firmware
|
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2017-7278
|
2024-11-21 12:31 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248915
|
8.8 |
HIGH
Network
|
gonitro
|
nitro_pro
|
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
|
CWE-22
Path Traversal
|
CVE-2017-7442
|
2024-11-21 12:31 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248916
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiwlm
|
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-7336
|
2024-11-21 12:31 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248917
|
9.8 |
CRITICAL
Network
|
rootkit_hunter_project
|
rootkit_hunter
|
rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.
|
CWE-417
Channel and Path Errors
|
CVE-2017-7480
|
2024-11-21 12:31 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248918
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
watchos
mac_os_x
tvos
|
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involve…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7069
|
2024-11-21 12:31 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248919
|
8.8 |
HIGH
Network
|
apple
|
iphone_os
watchos
mac_os_x
tvos
|
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involve…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7068
|
2024-11-21 12:31 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248920
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a c…
|
NVD-CWE-noinfo
|
CVE-2017-7067
|
2024-11-21 12:31 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
