|
246471
|
7.5 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-15458
|
2024-11-21 12:50 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246472
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of th…
|
CWE-79
Cross-site Scripting
|
CVE-2018-15457
|
2024-11-21 12:50 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246473
|
4.9 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to view saved passwords in plain text. The vulnerability is due to the incorr…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-15456
|
2024-11-21 12:50 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246474
|
8.6 |
HIGH
Network
|
cisco
|
email_security_appliance_firmware
|
A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Ap…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-15453
|
2024-11-21 12:50 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246475
|
7.1 |
HIGH
Local
|
expressvpn
|
expressvpn
|
An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC interface for communication …
|
CWE-22
Path Traversal
|
CVE-2018-15490
|
2024-11-21 12:50 |
2019-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246476
|
7.8 |
HIGH
Local
|
skydevices
|
sky_elite_6.0l\+_firmware
|
The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package n…
|
CWE-78
OS Command
|
CVE-2018-15007
|
2024-11-21 12:50 |
2018-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246477
|
5.5 |
MEDIUM
Local
|
zteusa
|
zte_zmax_champ_firmware
|
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.androi…
|
NVD-CWE-noinfo
|
CVE-2018-15006
|
2024-11-21 12:50 |
2018-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246478
|
7.1 |
HIGH
Local
|
zteusa
|
zte_zmax_champ_firmware
|
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zd…
|
NVD-CWE-noinfo
CWE-862
Missing Authorization
|
CVE-2018-15005
|
2024-11-21 12:50 |
2018-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246479
|
5.9 |
MEDIUM
Network
|
coolpad
|
canvas_firmware
|
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode (ver…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-15004
|
2024-11-21 12:50 |
2018-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246480
|
4.7 |
MEDIUM
Local
|
vivo
|
v7_firmware
|
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone u…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-15002
|
2024-11-21 12:50 |
2018-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
