|
250081
|
6.1 |
MEDIUM
Network
|
brocade
broadcom
|
fabric_os
fabric_operating_system
|
Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allo…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6225
|
2024-11-21 12:29 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250082
|
8.1 |
HIGH
Network
|
sandstorm
|
sandstorm
|
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203. A remote attacker may exploit this issue by providing a URL. It could bypass access cont…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-6201
|
2024-11-21 12:29 |
2018-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250083
|
6.5 |
MEDIUM
Network
|
sandstorm
|
sandstorm
|
Sandstorm before build 0.203 allows remote attackers to read any specified file under /etc or /run via the sandbox backup function. The root cause is that the findFilesToZip function doesn't filter L…
|
CWE-200
Information Exposure
|
CVE-2017-6200
|
2024-11-21 12:29 |
2018-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250084
|
9.8 |
CRITICAL
Network
|
sandstorm
|
sandstorm
|
A remote attacker could bypass the Sandstorm organization restriction before build 0.203 via a comma in an email-address field.
|
CWE-287
Improper Authentication
|
CVE-2017-6199
|
2024-11-21 12:29 |
2018-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250085
|
6.5 |
MEDIUM
Network
|
sandstorm
|
sandstorm
|
The Supervisor in Sandstorm doesn't set and enforce the resource limits of a process. This allows remote attackers to cause a denial of service by launching a fork bomb in the sandbox, or by using a …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6198
|
2024-11-21 12:29 |
2018-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250086
|
7.8 |
HIGH
Local
|
google
|
android
|
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-6279
|
2024-11-21 12:29 |
2018-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250087
|
7.8 |
HIGH
Local
|
google
|
android
|
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-6258
|
2024-11-21 12:29 |
2018-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250088
|
6.8 |
MEDIUM
Network
|
f5
|
big-ip_policy_enforcement_manager
|
In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it…
|
CWE-20
Improper Input Validation
|
CVE-2017-6169
|
2024-11-21 12:29 |
2018-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250089
|
4.8 |
MEDIUM
Network
|
f5
|
big-ip_advanced_firewall_manager
|
X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thu…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-6142
|
2024-11-21 12:29 |
2018-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250090
|
7.5 |
HIGH
Network
|
f5
|
big-ip_local_traffic_manager
big-ip_application_acceleration_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_access_policy_manager
big-ip_application_security_manager<…
|
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being execute…
|
CWE-362
Race Condition
|
CVE-2017-6167
|
2024-11-21 12:29 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
