|
264211
|
5.3 |
MEDIUM
Network
|
cisco
|
asyncos
|
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to byp…
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2017-12303
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264212
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_domain_manager
|
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL…
|
CWE-89
SQL Injection
|
CVE-2017-12302
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264213
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message…
|
CWE-20
Improper Input Validation
|
CVE-2017-12300
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264214
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker t…
|
CWE-20
Improper Input Validation
|
CVE-2017-12299
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264215
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12292
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264216
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12291
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264217
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12290
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264218
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security f…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12634
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264219
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12633
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264220
|
7.2 |
HIGH
Network
|
apache
|
couchdb
|
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by Couch…
|
CWE-78
OS Command
|
CVE-2017-12636
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
