|
248931
|
6.5 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/po…
|
CWE-22
Path Traversal
|
CVE-2017-9382
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248932
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the devi…
|
CWE-77
Command Injection
|
CVE-2017-9384
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248933
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management inte…
|
CWE-352
Origin Validation Error
|
CVE-2017-9381
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248934
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the devi…
|
CWE-77
Command Injection
|
CVE-2017-9388
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248935
|
6.5 |
MEDIUM
Network
|
zohocorp
|
manageengine_servicedesk_plus
|
ManageEngine ServiceDesk Plus before 9314 contains a local file inclusion vulnerability in the defModule parameter in DefaultConfigDef.do and AssetDefaultConfigDef.do.
|
CWE-20
Improper Input Validation
|
CVE-2017-9376
|
2024-11-21 12:35 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248936
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_servicedesk_plus
|
ManageEngine ServiceDesk Plus before 9312 contains an XML injection at add Configuration items CMDB API.
|
CWE-611
XXE
|
CVE-2017-9362
|
2024-11-21 12:35 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248937
|
9.8 |
CRITICAL
Network
|
bitdefender
|
gravityzone
|
Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2017-8931
|
2024-11-21 12:35 |
2018-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248938
|
7.5 |
HIGH
Network
|
hp
|
arubaos
|
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities cou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9003
|
2024-11-21 12:35 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248939
|
6.1 |
MEDIUM
Network
|
hp
|
aruba_clearpass_policy_manager
|
All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9002
|
2024-11-21 12:35 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248940
|
8.1 |
HIGH
Network
|
hp
|
aruba_clearpass_policy_manager
|
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthentic…
|
NVD-CWE-noinfo
|
CVE-2017-9001
|
2024-11-21 12:35 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
