|
250591
|
8.8 |
HIGH
Local
|
vmware
|
workstation_player
workstation_pro
|
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. S…
|
NVD-CWE-noinfo
|
CVE-2017-4898
|
2024-11-21 12:26 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250592
|
9.8 |
CRITICAL
Network
|
vmware
|
vsphere_data_protection
|
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-4917
|
2024-11-21 12:26 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250593
|
9.8 |
CRITICAL
Network
|
vmware
|
vsphere_data_protection
|
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-4914
|
2024-11-21 12:26 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250594
|
3.3 |
LOW
Local
|
lenovo
|
power_management
|
In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbo…
|
NVD-CWE-noinfo
|
CVE-2017-3741
|
2024-11-21 12:26 |
2017-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250595
|
5.5 |
MEDIUM
Local
|
lenovo
|
active_protection_system
|
In Lenovo Active Protection System before 1.82.0.14, an attacker with local privileges could send commands to the system's embedded controller, which could cause a denial of service attack on the sys…
|
NVD-CWE-noinfo
|
CVE-2017-3740
|
2024-11-21 12:26 |
2017-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250596
|
5.5 |
MEDIUM
Local
|
vmware
|
horizon_daas
|
VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a mal…
|
CWE-20
Improper Input Validation
|
CVE-2017-4897
|
2024-11-21 12:26 |
2017-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250597
|
6.5 |
MEDIUM
Network
|
vmware
|
workstation_player
workstation_pro
|
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privilege…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-4916
|
2024-11-21 12:26 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250598
|
7.8 |
HIGH
Local
|
vmware
|
workstation_player
workstation_pro
|
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to …
|
CWE-863
Incorrect Authorization
|
CVE-2017-4915
|
2024-11-21 12:26 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250599
|
7.1 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneF…
|
NVD-CWE-noinfo
|
CVE-2017-4979
|
2024-11-21 12:26 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250600
|
5.4 |
MEDIUM
Network
|
rsa
|
adaptive_authentication_\(on_premise\)
|
EMC RSA Adaptive Authentication (On-Premise) versions prior to 7.3 P2 (exclusive) contains a fix for a cross-site scripting vulnerability that could potentially be exploited by malicious users to com…
|
CWE-79
Cross-site Scripting
|
CVE-2017-4978
|
2024-11-21 12:26 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
