|
247031
|
6.7 |
MEDIUM
Local
|
cisco
|
industrial_ethernet_4010_series_firmware
|
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stab…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0088
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247032
|
8.6 |
HIGH
Network
|
cisco
|
unified_customer_voice_portal
|
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0086
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247033
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
screenos
|
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as C…
|
CWE-200
Information Exposure
|
CVE-2018-0014
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247034
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system.
|
CWE-200
Information Exposure
|
CVE-2018-0013
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247035
|
7.8 |
HIGH
Local
|
juniper
|
junos_space
|
Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.
|
NVD-CWE-noinfo
|
CVE-2018-0012
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247036
|
5.4 |
MEDIUM
Network
|
juniper
|
junos_space
|
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a sess…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0011
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247037
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. …
|
CWE-269
Improper Privilege Management
|
CVE-2018-0010
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247038
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended co…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2018-0005
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247039
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0118
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247040
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blo…
|
NVD-CWE-noinfo
|
CVE-2018-0009
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
