|
255671
|
7.5 |
HIGH
Network
|
netapp
|
clustered_data_ontap
|
NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2017-5988
|
2024-11-21 12:28 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255672
|
9.8 |
CRITICAL
Network
|
atlassian
|
jira
|
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-5983
|
2024-11-21 12:28 |
2017-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255673
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A DLL Hijacking issue was discovered in Schneider Electric Interactive Graphical SCADA System (IGSS) Software, Version 12 and previous versions. The software will execute a malicious file if it is na…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-6033
|
2024-11-21 12:28 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255674
|
7.5 |
HIGH
Network
|
schneider-electric
|
conext_combox_865-1058_firmware
|
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6019
|
2024-11-21 12:28 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255675
|
7.5 |
HIGH
Network
|
starscream_project
|
starscream
|
WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function (this is too late; pinning should occur in the initStreamsWithData function).
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5887
|
2024-11-21 12:28 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255676
|
7.5 |
HIGH
Network
|
apache
|
geode
|
Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the…
|
CWE-200
Information Exposure
|
CVE-2017-5649
|
2024-11-21 12:28 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255677
|
4.6 |
MEDIUM
Physics
|
riverbed
|
rios
|
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw di…
|
CWE-200
Information Exposure
|
CVE-2017-5670
|
2024-11-21 12:28 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255678
|
7.8 |
HIGH
Local
|
intel
|
hardware_accelerated_execution_manager
|
Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access.
|
NVD-CWE-noinfo
|
CVE-2017-5683
|
2024-11-21 12:28 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255679
|
3.9 |
LOW
Physics
|
intel
|
nuc6i3syh_bios
nuc6i3syk_bios
|
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-5686
|
2024-11-21 12:28 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255680
|
3.9 |
LOW
Physics
|
intel
|
nuc6i7kyk_bios
|
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-5685
|
2024-11-21 12:28 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
