Lucene search
K

92 matches found

Cisco
Cisco
added 2018/09/26 4:0 p.m.67 views

Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities

Multiple vulnerabilities in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerabilities ar...

6.7CVSS2.7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2018/05/07 12:0 a.m.73 views

GNU Wget 1.19.4 Cookie Injection

GNU Wget Cookie Injection CVE-2018-0494 ========================================= The latest version of this advisory is available at: https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt Overview -------- GNU Wget is susceptible to a malicious web server injecting arbitrary cookies to th...

7AI score0.17249EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/01/11 12:0 a.m.42 views

Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass

/ Windows: NTFS Owner/Mandatory Label Privilege Bypass EoP Platform: Windows 10 1709 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: When creating a new file on an NTFS drive it’s possible to circumvent security checks for setting an arbitrary owner and mandatory label...

7.4AI score
Exploits0
NVD
NVD
added 2017/11/30 9:29 a.m.21 views

CVE-2017-12343

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

8.8CVSS7.9AI score0.01594EPSS
Exploits0References2
Prion
Prion
added 2017/11/30 9:29 a.m.18 views

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

4.3CVSS6AI score0.0085EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/11/30 9:29 a.m.17 views

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

5.8CVSS6AI score0.00926EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/30 9:29 a.m.21 views

CVE-2017-12345

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

4.7CVSS4.8AI score0.01379EPSS
Exploits0References2
Prion
Prion
added 2017/11/30 9:29 a.m.21 views

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

4.3CVSS6AI score0.0085EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/30 9:29 a.m.24 views

CVE-2017-12344

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

6.1CVSS6.1AI score0.00926EPSS
Exploits0References2
NVD
NVD
added 2017/11/30 9:29 a.m.20 views

CVE-2017-12347

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

6.1CVSS6.1AI score0.0085EPSS
Exploits0References2
Prion
Prion
added 2017/11/30 9:29 a.m.16 views

Cross site scripting

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

6.5CVSS7.8AI score0.01594EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/11/30 9:0 a.m.57 views

CVE-2017-12345

Cisco DCNM (Data Center Network Manager) software is affected by multiple vulnerabilities involving input validation in the web interface. CNVD-2017-36131 describes a content spoofing flaw caused by inadequate validation of HTTP parameters, allowing a remote attacker to inject malicious content i...

4.7CVSS4.7AI score0.01379EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.20 views

CVE-2017-12343

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

7.9AI score0.01594EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.20 views

CVE-2017-12346

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

6.1AI score0.0085EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.18 views

CVE-2017-12345

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

4.8AI score0.01379EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/30 9:0 a.m.21 views

CVE-2017-12344

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...

6.1AI score0.00926EPSS
Exploits0References2
CVE
CVE
added 2017/07/13 8:0 p.m.82 views

CVE-2017-1000016

Summary (from provided sources): CVE-2017-1000016 describes a cookie attribute injection weakness in phpMyAdmin, allowing an attacker to inject arbitrary values into browser cookies. The CVE is described as a re-issue of an incomplete fix from PMASA-2016-18. Connected advisories reference phpMyAd...

7.5CVSS7.5AI score0.01121EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/06/08 9:29 p.m.13 views

Input validation

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values...

5CVSS7.3AI score0.03488EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/06/08 9:29 p.m.28 views

CVE-2015-3634

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values...

7.5CVSS7.5AI score0.03488EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/06/08 9:0 p.m.29 views

CVE-2015-3634

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values...

7.5AI score0.03488EPSS
Exploits0References4
Rows per page
Query Builder