|
198851
|
8.1 |
HIGH
Network
|
apache
canonical
oracle
debian
netapp
redhat
|
tomcat
ubuntu_linux
transportation_management
retail_xstore_point_of_service
webcenter_sites
retail_invoice_matching
hospitality_guest_access
retail_central_office
retail_retu…
|
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the D…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-12617
|
2024-11-21 12:09 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198852
|
9.8 |
CRITICAL
Network
|
ipswitch
|
imail_server
|
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12639
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198853
|
9.8 |
CRITICAL
Network
|
ipswitch
|
imail_server
|
Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12638
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198854
|
9.8 |
CRITICAL
Network
|
apache
|
opennlp
|
When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from u…
|
CWE-611
XXE
|
CVE-2017-12620
|
2024-11-21 12:09 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198855
|
9.8 |
CRITICAL
Network
|
cisco
|
ios
|
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12240
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198856
|
6.8 |
MEDIUM
Physics
|
cisco
|
ios_xe
|
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-12239
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198857
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
ios
|
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C680…
|
NVD-CWE-noinfo
|
CVE-2017-12238
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198858
|
7.5 |
HIGH
Network
|
cisco
|
ios
ios_xe
|
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CP…
|
NVD-CWE-noinfo
|
CVE-2017-12237
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198859
|
9.8 |
CRITICAL
Network
|
cisco
|
ios_xe
|
A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an unauthenticated, remote attacker using an x tunnel router to bypass …
|
CWE-287
Improper Authentication
|
CVE-2017-12236
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198860
|
7.5 |
HIGH
Network
|
cisco
|
ios
|
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affecte…
|
NVD-CWE-noinfo
|
CVE-2017-12235
|
2024-11-21 12:09 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
