|
258521
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_domain_manager
|
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL…
|
CWE-89
SQL Injection
|
CVE-2017-12302
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258522
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message…
|
CWE-20
Improper Input Validation
|
CVE-2017-12300
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258523
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker t…
|
CWE-20
Improper Input Validation
|
CVE-2017-12299
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258524
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12292
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258525
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12291
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258526
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12290
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258527
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security f…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12634
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258528
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12633
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258529
|
7.2 |
HIGH
Network
|
apache
|
couchdb
|
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by Couch…
|
CWE-78
OS Command
|
CVE-2017-12636
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258530
|
9.8 |
CRITICAL
Network
|
apache
|
couchdb
|
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys …
|
CWE-269
Improper Privilege Management
|
CVE-2017-12635
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
