|
264741
|
6.7 |
MEDIUM
Local
|
cisco
|
advanced_malware_protection_for_endpoints
|
An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a lo…
|
CWE-20
CWE-426
Improper Input Validation
Untrusted Search Path
|
CVE-2017-12312
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264742
|
5.8 |
MEDIUM
Network
|
cisco
|
meeting_server
|
A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it rec…
|
CWE-20
Improper Input Validation
|
CVE-2017-12311
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264743
|
5.3 |
MEDIUM
Network
|
cisco
|
email_security_appliance_firmware
|
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the…
|
CWE-113
HTTP Response Splitting
|
CVE-2017-12309
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264744
|
4.4 |
MEDIUM
Local
|
cisco
|
conference_director
|
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2017-12306
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264745
|
6.1 |
MEDIUM
Network
|
cisco
|
ios
|
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12304
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264746
|
5.3 |
MEDIUM
Network
|
cisco
|
asyncos
|
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to byp…
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2017-12303
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264747
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_domain_manager
|
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL…
|
CWE-89
SQL Injection
|
CVE-2017-12302
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264748
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message…
|
CWE-20
Improper Input Validation
|
CVE-2017-12300
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264749
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker t…
|
CWE-20
Improper Input Validation
|
CVE-2017-12299
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264750
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12292
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
