Max CVSS 10.0 Min CVSS 4.3 Total Count8
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9979 4.3
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. The response sent to the user isn't sanitized in this case. An attacker
28-08-2017 - 15:29 28-08-2017 - 15:29
CVE-2017-9978 5.0
On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don't exist on the system. An attacker could leverage this information to fine-tune and enumerate valid accounts on
28-08-2017 - 15:29 28-08-2017 - 15:29
CVE-2017-12787 10.0
A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug
22-08-2017 - 13:29 22-08-2017 - 13:29
CVE-2017-12786 10.0
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug wh
22-08-2017 - 13:29 22-08-2017 - 13:29
CVE-2017-12785 10.0
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user (monitor role)
22-08-2017 - 13:29 22-08-2017 - 13:29
CVE-2017-12784 5.0
In Youngzsoft CCFile (aka CC File Transfer) 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An example payload is a malformed request header with many
21-08-2017 - 03:29 21-08-2017 - 03:29
CVE-2017-6327 6.5
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In thi
11-08-2017 - 16:29 11-08-2017 - 16:29
CVE-2016-1960 6.8
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging
02-12-2016 - 22:23 13-03-2016 - 14:59
Back to Top Mark selected
Back to Top