|
247251
|
8.1 |
HIGH
Network
|
cloudfoundry
|
silk-release
|
Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with th…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1267
|
2024-11-21 12:59 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247252
|
8.1 |
HIGH
Network
|
cloudfoundry
|
capi-release
|
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application b…
|
CWE-22 CWE-330
Path Traversal Use of Insufficiently Random Values
|
CVE-2018-1266
|
2024-11-21 12:59 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247253
|
8.8 |
HIGH
Network
|
pivotal_software
|
bosh_cli
|
Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file an…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1231
|
2024-11-21 12:59 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247254
|
5.3 |
MEDIUM
Network
|
netiq
|
identity_manager
|
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-1350
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247255
|
5.3 |
MEDIUM
Network
|
netiq
|
identity_manager
|
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-1349
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247256
|
7.4 |
HIGH
Network
|
netiq
|
identity_manager
|
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
|
NVD-CWE-noinfo
|
CVE-2018-1348
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247257
|
8.8 |
HIGH
Network
|
dell
|
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vuln…
|
CWE-352
Origin Validation Error
|
CVE-2018-1213
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247258
|
6.7 |
MEDIUM
Local
|
dell
|
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_pho…
|
CWE-22
Path Traversal
|
CVE-2018-1204
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247259
|
6.7 |
MEDIUM
Local
|
dell
|
emc_isilon_onefs
|
In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1203
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247260
|
4.8 |
MEDIUM
Network
|
dell
|
emc_isilon
|
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the NDMP Page within the OneF…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1202
|
2024-11-21 12:59 |
2018-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|