|
251071
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5179
|
2024-11-21 12:27 |
2017-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251072
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
CWE-20
Improper Input Validation
|
CVE-2017-5028
|
2024-11-21 12:26 |
2019-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251073
|
6.2 |
MEDIUM
Physics
|
intel
|
nuc_kit_firmware
compute_card_firmware
compute_stick_firmware
|
Improper setting of device configuration in system firmware for Intel(R) NUC kits may allow a privileged user to potentially enable escalation of privilege via physical access.
|
NVD-CWE-noinfo
|
CVE-2017-3718
|
2024-11-21 12:26 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251074
|
7.8 |
HIGH
Local
|
mcafee
|
application_and_change_control
|
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.
|
CWE-287
Improper Authentication
|
CVE-2017-3912
|
2024-11-21 12:26 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251075
|
9.8 |
CRITICAL
Network
|
mcafee
|
epolicy_orchestrator
|
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows attackers to run arbitrary OS commands with limited privileges via n…
|
CWE-78
OS Command
|
CVE-2017-3936
|
2024-11-21 12:26 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251076
|
9.8 |
CRITICAL
Network
|
mcafee
|
mcafee_threat_intelligence_exchange
|
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code t…
|
CWE-94
Code Injection
|
CVE-2017-3907
|
2024-11-21 12:26 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251077
|
9.1 |
CRITICAL
Network
|
mcafee
|
network_security_manager
network_data_loss_prevention
|
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers …
|
CWE-384
Session Fixation
|
CVE-2017-3968
|
2024-11-21 12:26 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251078
|
9.8 |
CRITICAL
Network
|
mcafee
|
network_security_manager
|
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwor…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2017-3962
|
2024-11-21 12:26 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251079
|
8.8 |
HIGH
Network
|
mcafee
|
network_security_manager
|
Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTT…
|
NVD-CWE-noinfo
|
CVE-2017-3960
|
2024-11-21 12:26 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251080
|
5.4 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in …
|
CWE-79
Cross-site Scripting
|
CVE-2017-3961
|
2024-11-21 12:26 |
2018-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
