|
198831
|
7.5 |
HIGH
Network
|
cisco
|
small_business_ip_phone_firmware
|
A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an af…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12259
|
2024-11-21 12:09 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198832
|
9.9 |
CRITICAL
Network
|
cisco
|
cloud_services_platform_2100
|
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) op…
|
CWE-287
Improper Authentication
|
CVE-2017-12251
|
2024-11-21 12:09 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198833
|
9.8 |
CRITICAL
Network
|
apache
redhat
debian
canonical
|
solr
jboss_enterprise_application_platform
debian_linux
ubuntu_linux
|
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener …
|
CWE-611
XXE
|
CVE-2017-12629
|
2024-11-21 12:09 |
2017-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198834
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively insta…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-12192
|
2024-11-21 12:09 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198835
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest…
|
-
|
CVE-2017-12188
|
2024-11-21 12:09 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198836
|
6.5 |
MEDIUM
Network
|
apache
|
nifi
|
An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was ap…
|
CWE-611
XXE
|
CVE-2017-12623
|
2024-11-21 12:09 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198837
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12270
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198838
|
5.4 |
MEDIUM
Network
|
cisco
|
spark
|
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12269
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198839
|
6.5 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Inter…
|
NVD-CWE-noinfo
|
CVE-2017-12268
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198840
|
5.3 |
MEDIUM
Network
|
cisco
|
wide_area_application_services
virtual_wide_area_application_services
|
A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12267
|
2024-11-21 12:09 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
