Total
9170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0331 | 1 Funkwerk | 2 System Software, X2300 | 2017-08-07 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Funkwerk System Software before 7.4.1 PATCH 9 for certain Funkwerk Router / VPN devices allows remote attackers to cause a denial of service (panic and reboot) via unspecified DNS requests. | |||||
| CVE-2008-1030 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-07 | 10.0 HIGH | N/A |
| Integer overflow in the CFDataReplaceBytes function in the CFData API in CoreFoundation in Apple Mac OS X before 10.5.3 allows context-dependent attackers to execute arbitrary code or cause a denial of service (crash) via an invalid length argument, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-0264 | 1 Drupal | 1 Meta Tags Module | 2017-08-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Meta Tags (aka Nodewords) 5.x-1.6 module for Drupal, when images are permitted in node bodies, allows remote authenticated users to execute arbitrary code via unspecified vectors involving creation of a node. | |||||
| CVE-2008-0277 | 1 Drupal | 1 Fileshare Module | 2017-08-07 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-1157 | 1 Cisco | 1 Ciscoworks Internetwork Performance Monitor | 2017-08-07 | 10.0 HIGH | N/A |
| Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a randomly chosen TCP port, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2008-1158 | 1 Cisco | 2 Unified Presence, Unified Presence Server | 2017-08-07 | 7.8 HIGH | N/A |
| The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164. | |||||
| CVE-2008-0534 | 2 Cisco, Icon-labs | 2 Service Control Engine, Iconfidant Ssh | 2017-08-07 | 7.8 HIGH | N/A |
| The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582. | |||||
| CVE-2017-11183 | 1 Glpi-project | 1 Glpi | 2017-08-07 | 5.5 MEDIUM | 4.9 MEDIUM |
| front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. | |||||
| CVE-2017-11393 | 1 Trendmicro | 1 Officescan | 2017-08-05 | 10.0 HIGH | 9.8 CRITICAL |
| Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543. | |||||
| CVE-2016-9717 | 1 Ibm | 1 Infosphere Master Data Management Server | 2017-08-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited. | |||||
| CVE-2017-1460 | 1 Ibm | 1 I | 2017-08-03 | 5.0 MEDIUM | 7.5 HIGH |
| IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. Routing tables are affected by a missing LSA, which may lead to loss of connectivity. IBM X-Force ID: 128379. | |||||
| CVE-2016-9719 | 1 Ibm | 1 Infosphere Master Data Management Server | 2017-08-03 | 3.5 LOW | 5.7 MEDIUM |
| IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 119733. | |||||
| CVE-2017-12143 | 1 Libquicktime | 1 Libquicktime | 2017-08-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_info in lqt_quicktime.c, which allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2017-12145 | 1 Libquicktime | 1 Libquicktime | 2017-08-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libquicktime 1.2.4, an allocation failure was found in the function quicktime_read_ftyp in ftyp.c, which allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2017-9497 | 2 Cisco, Motorola | 2 Mx011anm Firmware, Mx011anm | 2017-08-02 | 7.2 HIGH | 6.8 MEDIUM |
| The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route. | |||||
| CVE-2015-3278 | 1 Nss Compat Ossl Project | 1 Nss Compat Ossl | 2017-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors. | |||||
| CVE-2016-4698 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-07-29 | 9.3 HIGH | 7.8 HIGH |
| AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | |||||
| CVE-2016-0913 | 1 Emc | 2 Networker Module For Microsoft Applications, Replication Manager | 2017-07-29 | 7.5 HIGH | 9.8 CRITICAL |
| The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share. | |||||
| CVE-2016-6379 | 1 Cisco | 2 Ios, Ios Xe | 2017-07-29 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089. | |||||
| CVE-2016-6445 | 1 Cisco | 1 Meeting Server | 2017-07-29 | 6.4 MEDIUM | 9.1 CRITICAL |
| A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user. | |||||