|
251001
|
5.8 |
MEDIUM
Network
|
cisco
|
staros
|
A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunn…
|
NVD-CWE-noinfo
|
CVE-2017-3865
|
2024-11-21 12:26 |
2017-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251002
|
9.8 |
CRITICAL
Network
|
dell
|
emc_vasa_provider_virtual_appliance
|
EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affect…
|
CWE-20
Improper Input Validation
|
CVE-2017-4997
|
2024-11-21 12:26 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251003
|
6.4 |
MEDIUM
Physics
|
google
|
android
|
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation…
|
NVD-CWE-noinfo
|
CVE-2017-3750
|
2024-11-21 12:26 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251004
|
6.4 |
MEDIUM
Physics
|
google
|
android
|
On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in …
|
NVD-CWE-noinfo
|
CVE-2017-3749
|
2024-11-21 12:26 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251005
|
7.8 |
HIGH
Local
|
google
|
android
|
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly k…
|
NVD-CWE-noinfo
|
CVE-2017-3748
|
2024-11-21 12:26 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251006
|
5.5 |
MEDIUM
Local
|
lenovo
|
nerve_center
|
Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileg…
|
NVD-CWE-noinfo
|
CVE-2017-3747
|
2024-11-21 12:26 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251007
|
5.4 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention_endpoint
|
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecti…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3948
|
2024-11-21 12:26 |
2017-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251008
|
9.8 |
CRITICAL
Network
|
emc
|
avamar_server
|
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-4990
|
2024-11-21 12:26 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251009
|
9.8 |
CRITICAL
Network
|
emc
|
avamar_server
|
In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to th…
|
CWE-287
Improper Authentication
|
CVE-2017-4989
|
2024-11-21 12:26 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251010
|
7.2 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected syste…
|
NVD-CWE-noinfo
|
CVE-2017-4988
|
2024-11-21 12:26 |
2017-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
