|
253791
|
8.1 |
HIGH
Network
|
drupal
|
drupal
|
In Drupal versions 8.4.x versions before 8.4.5 users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this conte…
|
CWE-200
Information Exposure
|
CVE-2017-6926
|
2024-11-21 12:30 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253792
|
6.4 |
MEDIUM
Local
|
cisco
|
umbrella
|
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in …
|
NVD-CWE-noinfo
|
CVE-2017-6679
|
2024-11-21 12:30 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253793
|
6.5 |
MEDIUM
Network
|
cisco
|
sf302-08pp_firmware
sf302-08mpp_firmware
sg300-10pp_firmware
sg300-10mpp_firmware
sf300-24pp_firmware
sf300-48pp_firmware
sg300-28pp_firmware
sf300-08_firmware
sf300-48p_firmw…
|
A vulnerability in the Secure Shell (SSH) subsystem of Cisco Small Business Managed Switches software could allow an authenticated, remote attacker to cause a reload of the affected switch, resulting…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6720
|
2024-11-21 12:30 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253794
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrar…
|
CWE-78
OS Command
|
CVE-2017-6796
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253795
|
4.4 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files o…
|
CWE-20
Improper Input Validation
|
CVE-2017-6795
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253796
|
6.5 |
MEDIUM
Network
|
cisco
|
prime_collaboration_provisioning
|
A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulne…
|
CWE-200
Information Exposure
|
CVE-2017-6793
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253797
|
6.5 |
MEDIUM
Network
|
cisco
|
prime_collaboration_provisioning
|
A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is …
|
CWE-20
Improper Input Validation
|
CVE-2017-6792
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253798
|
6.7 |
MEDIUM
Local
|
cisco
|
meeting_server
|
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker m…
|
CWE-20
CWE-77
Improper Input Validation
Command Injection
|
CVE-2017-6794
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253799
|
7.5 |
HIGH
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe…
|
NVD-CWE-noinfo
|
CVE-2017-6791
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253800
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_intelligence_center
|
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6789
|
2024-11-21 12:30 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
