|
252201
|
5.3 |
MEDIUM
Network
|
apple
|
iphone_os
mac_os_x
|
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sens…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-7078
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252202
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7077
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252203
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. Xcode before 9 is affected. The issue involves the "ld64" component. It allows remote attackers to execute arbitrary code or cause a denial of servi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7076
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252204
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "AppSandbox" component. It allows attackers to cause a denial of service via a crafted app.
|
CWE-20
Improper Input Validation
|
CVE-2017-7074
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252205
|
5.5 |
MEDIUM
Local
|
apple
|
iphone_os
|
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) vi…
|
CWE-20
Improper Input Validation
|
CVE-2017-7072
|
2024-11-21 12:31 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252206
|
5.4 |
MEDIUM
Network
|
purestorage
|
purity
|
Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configu…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7352
|
2024-11-21 12:31 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252207
|
7.8 |
HIGH
Local
|
sophos
|
hitmanpro
|
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7441
|
2024-11-21 12:31 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252208
|
6.5 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote auth…
|
CWE-22
Path Traversal
|
CVE-2017-7424
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252209
|
8.8 |
HIGH
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow…
|
CWE-352
Origin Validation Error
|
CVE-2017-7423
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252210
|
5.4 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7422
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
