|
253501
|
7.8 |
HIGH
Local
|
sophos
|
hitmanpro
|
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7441
|
2024-11-21 12:31 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253502
|
6.5 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote auth…
|
CWE-22
Path Traversal
|
CVE-2017-7424
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253503
|
8.8 |
HIGH
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow…
|
CWE-352
Origin Validation Error
|
CVE-2017-7423
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253504
|
5.4 |
MEDIUM
Network
|
microfocus
|
enterprise_server
enterprise_developer
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 be…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7422
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253505
|
9.8 |
CRITICAL
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
|
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Ho…
|
CWE-287
Improper Authentication
|
CVE-2017-7420
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253506
|
6.1 |
MEDIUM
Network
|
microfocus
|
enterprise_server_monitor_and_control
enterprise_developer
enterprise_server
directory_server
|
Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in Directory Server (aka Enterprise Server Administration web UI) and ESMAC (aka Enterprise Server Monitor and Control) in Micr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7421
|
2024-11-21 12:31 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253507
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whi…
|
CWE-416
Use After Free
|
CVE-2017-7364
|
2024-11-21 12:31 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253508
|
9.8 |
CRITICAL
Network
|
aptus
|
styra_porttelefonkort_4400_firmware
|
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2017-7278
|
2024-11-21 12:31 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253509
|
8.8 |
HIGH
Network
|
gonitro
|
nitro_pro
|
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
|
CWE-22
Path Traversal
|
CVE-2017-7442
|
2024-11-21 12:31 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253510
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiwlm
|
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-7336
|
2024-11-21 12:31 |
2017-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
