|
253281
|
5.4 |
MEDIUM
Network
|
purestorage
|
purity
|
Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configu…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7352
|
2024-11-21 12:31 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253282
|
7.8 |
HIGH
Local
|
sophos
|
hitmanpro
|
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7441
|
2024-11-21 12:31 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253283
|
6.5 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote auth…
|
CWE-22
Path Traversal
|
CVE-2017-7424
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253284
|
8.8 |
HIGH
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow…
|
CWE-352
Origin Validation Error
|
CVE-2017-7423
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253285
|
5.4 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7422
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253286
|
9.8 |
CRITICAL
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
|
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Ho…
|
CWE-287
Improper Authentication
|
CVE-2017-7420
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253287
|
6.1 |
MEDIUM
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
directory_server
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7421
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253288
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whi…
|
CWE-416
Use After Free
|
CVE-2017-7364
|
2024-11-21 12:31 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253289
|
9.8 |
CRITICAL
Network
|
aptus
|
styra_porttelefonkort_4400_firmware
|
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2017-7278
|
2024-11-21 12:31 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253290
|
8.8 |
HIGH
Network
|
gonitro
|
nitro_pro
|
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
|
CWE-22
Path Traversal
|
CVE-2017-7442
|
2024-11-21 12:31 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
