|
198721
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12290
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198722
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security f…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12634
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198723
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-12633
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198724
|
7.2 |
HIGH
Network
|
apache
|
couchdb
|
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by Couch…
|
CWE-78
OS Command
|
CVE-2017-12636
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198725
|
9.8 |
CRITICAL
Network
|
apache
|
couchdb
|
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys …
|
CWE-269
Improper Privilege Management
|
CVE-2017-12635
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198726
|
5.5 |
MEDIUM
Local
|
apache
|
cxf
|
Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) …
|
NVD-CWE-noinfo
|
CVE-2017-12624
|
2024-11-21 12:09 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198727
|
5.3 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain inf…
|
CWE-200
Information Exposure
|
CVE-2017-12295
|
2024-11-21 12:09 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198728
|
5.4 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. The vulnerability is…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12294
|
2024-11-21 12:09 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198729
|
6.1 |
MEDIUM
Adjacent
|
cisco
|
aironet_3800_firmware
|
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user con…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12283
|
2024-11-21 12:09 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198730
|
6.1 |
MEDIUM
Adjacent
|
cisco
|
wireless_lan_controller_software
|
A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to ca…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12282
|
2024-11-21 12:09 |
2017-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
