|
251061
|
5.4 |
MEDIUM
Network
|
rsa
|
adaptive_authentication_\(on_premise\)
|
EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 (exclusive) contains a fix for a cross-site scripting vulnerability that could potentially be exploited by malicious users to com…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4978
|
2024-11-21 12:26 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251062
|
7.2 |
HIGH
Network
|
mcafee
|
epolicy_orchestrator
|
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choic…
|
CWE-22
Path Traversal
|
CVE-2017-3980
|
2024-11-21 12:26 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251063
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface.
|
CWE-200
Information Exposure
|
CVE-2017-4017
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251064
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header.
|
CWE-200
Information Exposure
|
CVE-2017-4016
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251065
|
4.5 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2017-4015
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251066
|
8.0 |
HIGH
Network
|
mcafee
|
network_data_loss_prevention
|
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP requ…
|
CWE-384
Session Fixation
|
CVE-2017-4014
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251067
|
5.3 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header.
|
CWE-200
Information Exposure
|
CVE-2017-4013
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251068
|
6.5 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP re…
|
NVD-CWE-noinfo
|
CVE-2017-4012
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251069
|
6.1 |
MEDIUM
Network
|
mcafee
|
network_data_loss_prevention
|
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4011
|
2024-11-21 12:26 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251070
|
9.6 |
CRITICAL
Adjacent
|
cisco
|
small_business_rv_router_firmware
small_business_rv_router_firmware_1.0
|
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3882
|
2024-11-21 12:26 |
2017-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
