|
249981
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.
|
CWE-20
Improper Input Validation
|
CVE-2017-7074
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249982
|
5.5 |
MEDIUM
Local
|
apple
|
iphone_os
|
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) vi…
|
CWE-20
Improper Input Validation
|
CVE-2017-7072
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249983
|
5.4 |
MEDIUM
Network
|
purestorage
|
purity
|
Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configu…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7352
|
2024-11-21 12:31 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249984
|
7.8 |
HIGH
Local
|
sophos
|
hitmanpro
|
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7441
|
2024-11-21 12:31 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249985
|
6.5 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote auth…
|
CWE-22
Path Traversal
|
CVE-2017-7424
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249986
|
8.8 |
HIGH
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow…
|
CWE-352
Origin Validation Error
|
CVE-2017-7423
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249987
|
5.4 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7422
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249988
|
9.8 |
CRITICAL
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
|
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Ho…
|
CWE-287
Improper Authentication
|
CVE-2017-7420
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249989
|
6.1 |
MEDIUM
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
directory_server
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7421
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249990
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whi…
|
CWE-416
Use After Free
|
CVE-2017-7364
|
2024-11-21 12:31 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
