|
248221
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2016
windows_10
|
The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Microsoft Graphics …
|
CWE-200
Information Exposure
|
CVE-2017-8575
|
2024-11-21 12:34 |
2017-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248222
|
7.8 |
HIGH
Local
|
microsoft
|
windows_defender
forefront_endpoint_protection
security_essentials
endpoint_protection
windows_intune_endpoint_protection
|
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows S…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8558
|
2024-11-21 12:34 |
2017-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248223
|
4.7 |
MEDIUM
Local
|
microsoft
|
windows_rt_8.1
windows_server_2012
windows_server_2016
windows_7
windows_10
windows_8.1
windows_server_2008
|
The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 a…
|
CWE-200
Information Exposure
|
CVE-2017-8554
|
2024-11-21 12:34 |
2017-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248224
|
7.5 |
HIGH
Network
|
elastic
|
kibana
|
Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.
|
CWE-769
DEPRECATED: Uncontrolled File Descriptor Consumption
|
CVE-2017-8452
|
2024-11-21 12:34 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248225
|
6.1 |
MEDIUM
Network
|
elastic
|
kibana
|
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
|
CWE-601
Open Redirect
|
CVE-2017-8451
|
2024-11-21 12:34 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248226
|
7.5 |
HIGH
Network
|
elastic
|
x-pack
|
X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi-get requests so users without access to a document and/or field may have been able to access this infor…
|
CWE-200
Information Exposure
|
CVE-2017-8450
|
2024-11-21 12:34 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248227
|
5.9 |
MEDIUM
Network
|
elastic
|
x-pack
|
X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the field level security rules used a mix of grant and exclude rules when merging multiple rules with field l…
|
CWE-200
Information Exposure
|
CVE-2017-8449
|
2024-11-21 12:34 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248228
|
7.8 |
HIGH
Local
|
microsoft
|
windows_xp
windows_server_2003
|
Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerabil…
|
NVD-CWE-noinfo
|
CVE-2017-8487
|
2024-11-21 12:34 |
2017-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248229
|
7.8 |
HIGH
Local
|
microsoft
|
windows_xp
windows_server_2003
|
Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a …
|
NVD-CWE-noinfo
|
CVE-2017-8461
|
2024-11-21 12:34 |
2017-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248230
|
4.3 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a page with malicious content when the Edge Content Security Policy (CSP) fails to properly validate certai…
|
CWE-20
Improper Input Validation
|
CVE-2017-8555
|
2024-11-21 12:34 |
2017-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
