|
257871
|
7.7 |
HIGH
Network
|
netapp
|
clustered_data_ontap
|
NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to read data on other Storage Virtual Machines (SVMs) via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2017-12423
|
2024-11-21 12:09 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257872
|
8.8 |
HIGH
Network
|
netapp
|
clustered_data_ontap
|
NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to execute arbitrary code on the storage controller via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2017-12421
|
2024-11-21 12:09 |
2017-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257873
|
6.5 |
MEDIUM
Network
|
netapp
|
storagegrid_webscale
|
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
|
CWE-269
Improper Privilege Management
|
CVE-2017-12422
|
2024-11-21 12:09 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257874
|
7.8 |
HIGH
Local
|
qpdf_project
|
qpdf
|
The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have…
|
CWE-20
Improper Input Validation
|
CVE-2017-12595
|
2024-11-21 12:09 |
2017-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257875
|
8.8 |
HIGH
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2017-12593
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257876
|
8.8 |
HIGH
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their priv…
|
NVD-CWE-noinfo
|
CVE-2017-12592
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257877
|
5.4 |
MEDIUM
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12591
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257878
|
8.8 |
HIGH
Network
|
tomaxcom
|
r60g_firmware
r60gv2_firmware
|
ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack.
|
CWE-352
Origin Validation Error
|
CVE-2017-12589
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257879
|
8.8 |
HIGH
Network
|
netapp
|
clustered_data_ontap
|
Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12420
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257880
|
9.8 |
CRITICAL
Network
|
qnap
|
ts-212p_firmware
|
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that u…
|
CWE-862
Missing Authorization
|
CVE-2017-12582
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
