|
258291
|
8.6 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial …
|
CWE-20
Improper Input Validation
|
CVE-2017-12244
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258292
|
9.8 |
CRITICAL
Network
|
ipswitch
|
imail_server
|
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12639
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258293
|
9.8 |
CRITICAL
Network
|
ipswitch
|
imail_server
|
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12638
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258294
|
9.8 |
CRITICAL
Network
|
apache
|
opennlp
|
When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from u…
|
CWE-611
XXE
|
CVE-2017-12620
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258295
|
6.8 |
MEDIUM
Physics
|
cisco
|
ios_xe
|
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-12239
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258296
|
9.8 |
CRITICAL
Network
|
cisco
|
ios_xe
|
A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass …
|
CWE-287
Improper Authentication
|
CVE-2017-12236
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258297
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-12230
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258298
|
9.8 |
CRITICAL
Network
|
cisco
|
ios_xe
|
A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated, remote attacker to bypass authentication to the REST API of t…
|
CWE-287
Improper Authentication
|
CVE-2017-12229
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258299
|
5.9 |
MEDIUM
Network
|
cisco
|
ios
ios_xe
|
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized ac…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-12228
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258300
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco Ne…
|
CWE-20
Improper Input Validation
|
CVE-2017-12226
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
