Total
9170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11177 | 1 Websense | 1 Triton Ap Email | 2017-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory. | |||||
| CVE-2017-13703 | 1 Moxa | 2 Eds-g512e, Eds-g512e Firmware | 2017-11-29 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur. | |||||
| CVE-2013-6959 | 1 Cisco | 1 Webex Sales Center | 2017-11-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul25557. | |||||
| CVE-2013-6966 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36031. | |||||
| CVE-2013-6967 | 1 Cisco | 1 Webex Sales Center | 2017-11-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the mobile-browser subsystem in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36020. | |||||
| CVE-2013-6969 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 4.3 MEDIUM | N/A |
| The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. | |||||
| CVE-2013-6971 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140. | |||||
| CVE-2017-8811 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks. | |||||
| CVE-2017-8814 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk." | |||||
| CVE-2017-8815 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules. | |||||
| CVE-2017-13790 | 1 Apple | 1 Safari | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | |||||
| CVE-2017-13789 | 1 Apple | 1 Safari | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | |||||
| CVE-2009-1197 | 1 Apache | 1 Juddi | 2017-11-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp. | |||||
| CVE-2017-13809 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted AppleScript file that is mishandled by osadecompile. | |||||
| CVE-2017-13807 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickTime file. | |||||
| CVE-2017-12802 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
| CVE-2017-6671 | 1 Cisco | 1 Email Security Appliance Firmware | 2017-11-27 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015. | |||||
| CVE-2017-12801 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
| CVE-2017-12783 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||
| CVE-2017-12782 | 1 Matroska | 3 Libebml2, Mkclean, Mkvalidator | 2017-11-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | |||||