|
248171
|
8.4 |
HIGH
Local
|
dell
|
emc_scaleio
|
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-8001
|
2024-11-21 12:33 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248172
|
9.8 |
CRITICAL
Network
|
pivotal_software
|
spring_advanced_message_queuing_protocol
|
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-8045
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248173
|
6.1 |
MEDIUM
Network
|
vmware
|
single_sign-on_for_pivotal_cloud_foundry
|
In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3), certain pages allow code to be injected into the DOM environment through query parameters, leading…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8044
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248174
|
5.9 |
MEDIUM
Network
|
pivotal
|
spring_web_flow
|
An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., …
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-8039
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248175
|
8.8 |
HIGH
Network
|
pivotal_software
|
credhub-release
|
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, th…
|
NVD-CWE-noinfo
|
CVE-2017-8038
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248176
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
cf-release
uaa-release
|
An issue was discovered in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions prior to 30.6, 45.x versions prior to 45.4, 52.x versions prior to 52.1). In some ca…
|
NVD-CWE-noinfo
|
CVE-2017-8031
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248177
|
8.1 |
HIGH
Network
|
pivotal_software
debian
|
spring-ldap
debian_linux
|
In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some LDAP servers, when no additional attributes are bound, and when using LDAP BindAuthenticator with org.springframework.ldap.core.s…
|
CWE-287
Improper Authentication
|
CVE-2017-8028
|
2024-11-21 12:33 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248178
|
5.5 |
MEDIUM
Local
|
huawei
|
p10_lite_firmware
|
Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization o…
|
CWE-863
Incorrect Authorization
|
CVE-2017-8216
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248179
|
5.3 |
MEDIUM
Network
|
huawei
|
smc2.0_firmware
|
Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an inp…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8213
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248180
|
6.8 |
MEDIUM
Physics
|
huawei
|
honor_7_lite_firmware
|
HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use ap…
|
NVD-CWE-noinfo
|
CVE-2017-8206
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
