|
257531
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-…
|
CWE-20
Improper Input Validation
|
CVE-2017-13911
|
2024-11-21 12:11 |
2019-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257532
|
6.5 |
MEDIUM
Network
|
apple
|
iphone_os
|
In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.
|
CWE-20
Improper Input Validation
|
CVE-2017-13891
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257533
|
9.8 |
CRITICAL
Network
|
apple
|
mac_os_x
|
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved…
|
CWE-287
Improper Authentication
|
CVE-2017-13889
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257534
|
7.5 |
HIGH
Network
|
apple
|
iphone_os
|
In iOS before 11.2, a type confusion issue was addressed with improved memory handling.
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2017-13888
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257535
|
7.5 |
HIGH
Network
|
apple
|
mac_os_x
|
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.
|
CWE-320
Key Management Errors
|
CVE-2017-13887
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257536
|
6.5 |
MEDIUM
Network
|
apple
|
mac_os_x
|
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions.
|
NVD-CWE-noinfo
|
CVE-2017-13886
|
2024-11-21 12:11 |
2019-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257537
|
7.5 |
HIGH
Network
|
iceqube
|
thermal_management_center_firmware
|
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
|
CWE-287
Improper Authentication
|
CVE-2017-14026
|
2024-11-21 12:11 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257538
|
6.5 |
MEDIUM
Network
|
netapp
|
oncommand_insight
|
NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface.
|
CWE-20
Improper Input Validation
|
CVE-2017-13652
|
2024-11-21 12:11 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257539
|
4.6 |
MEDIUM
Physics
|
bostonscientific
|
zoom_latitude_prm_3120_firmware
|
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-14014
|
2024-11-21 12:11 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257540
|
4.6 |
MEDIUM
Physics
|
bostonscientific
|
zoom_latitude_prm_3120_firmware
|
Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-14012
|
2024-11-21 12:11 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
