Total
2272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0245 | 1 Cisco | 1 Wireless Lan Controller Software | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms in the REST API URL request. An attacker could exploit this vulnerability by sending a malicious URL to the REST API. If successful, an exploit could allow the attacker to view sensitive system information. Cisco Bug IDs: CSCvg89442. | |||||
| CVE-2018-0024 | 1 Juniper | 42 Ex2200, Ex2200-c, Ex2200\/vc and 39 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100;; 15.1X49 versions prior to 15.1X49-D20 on SRX Series. | |||||
| CVE-2018-0010 | 1 Juniper | 1 Junos Space | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1. | |||||
| CVE-2017-8187 | 1 Huawei | 2 Fusionsphere Openstack, Fusionsphere Openstack Firmware | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation. | |||||
| CVE-2017-7399 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users. | |||||
| CVE-2017-6924 | 1 Drupal | 1 Drupal | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| In Drupal 8 prior to 8.3.7; When using the REST API, users without the correct permission can post comments via REST that are approved even if the user does not have permission to post approved comments. This issue only affects sites that have the RESTful Web Services (rest) module enabled, the comment entity REST resource enabled, and where an attacker can access a user account on the site with permissions to post comments, or where anonymous users can post comments. | |||||
| CVE-2017-6152 | 1 F5 | 1 Big-iq Centralized Management | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
| A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. | |||||
| CVE-2017-5736 | 1 Intel | 1 Software Guard Extensions Platform Software Component | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
| An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator. | |||||
| CVE-2017-5703 | 1 Intel | 308 Atom C2308, Atom C2316, Atom C2338 and 305 more | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
| Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. | |||||
| CVE-2017-2672 | 2 Redhat, Theforeman | 2 Satellite, Foreman | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems. | |||||
| CVE-2017-20121 | 1 Teradici | 1 Pcoip Management Console | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20107 | 2 Microsoft, Shadeyouvpn.com Project | 2 Windows, Shadeyouvpn.com | 2024-11-21 | 7.2 HIGH | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in ShadeYouVPN.com Client 2.0.1.11. Affected is an unknown function. The manipulation leads to improper privilege management. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1.12 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2017-20081 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20080 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20079 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20078 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/featured.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20077 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/success_story.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20076 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20075 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20074 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Hindu Matrimonial Script and classified as critical. Affected by this issue is some unknown functionality of the file /admin/newsletter1.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||