Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6968 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 5.0 MEDIUM | N/A |
| Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. | |||||
| CVE-2013-6970 | 1 Cisco | 1 Webex Meeting Center | 2017-11-28 | 5.0 MEDIUM | N/A |
| Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. | |||||
| CVE-2013-6972 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 5.0 MEDIUM | N/A |
| Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. | |||||
| CVE-2013-6973 | 1 Cisco | 1 Webex Training Center | 2017-11-28 | 4.3 MEDIUM | N/A |
| Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121. | |||||
| CVE-2017-16673 | 1 Datto | 1 Backup Agent | 2017-11-28 | 2.9 LOW | 5.3 MEDIUM |
| Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming connections. This allows an attacker to impersonate a Datto Backup Appliance to "pair" with the agent and issue requests to this agent, if the attacker can reach the agent on TCP port 25566 or 25568, and send unspecified "specific information" by which the agent identifies a network device that is "appearing to be a valid Datto." | |||||
| CVE-2017-16661 | 1 Cacti | 1 Cacti | 2017-11-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd. | |||||
| CVE-2017-16633 | 1 Joomla | 1 Joomla\! | 2017-11-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users. | |||||
| CVE-2017-8810 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2017-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests. | |||||
| CVE-2016-6494 | 2 Fedoraproject, Mongodb | 2 Fedora, Mongodb | 2017-11-28 | 2.1 LOW | 5.5 MEDIUM |
| The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files. | |||||
| CVE-2017-13836 | 1 Apple | 1 Mac Os X | 2017-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13841 | 1 Apple | 1 Mac Os X | 2017-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13840 | 1 Apple | 1 Mac Os X | 2017-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13842 | 1 Apple | 1 Mac Os X | 2017-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-7113 | 1 Apple | 1 Iphone Os | 2017-11-28 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypass intended read restrictions for secure text fields via vectors involving a focus-change event. | |||||
| CVE-2017-13805 | 1 Apple | 1 Iphone Os | 2017-11-28 | 2.1 LOW | 2.4 LOW |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state. | |||||
| CVE-2017-13822 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13821 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13823 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13831 | 1 Apple | 1 Mac Os X | 2017-11-27 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image. | |||||
| CVE-2017-13818 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||