Latest CVE Feed
-
6.1
MEDIUMCVE-2017-12344
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client ... Read more
Affected Products : data_center_network_manager- EPSS Score: %0.22
- Published: Nov. 30, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-14389
An issue was discovered in Cloud Foundry Foundation capi-release (all versions prior to 1.45.0), cf-release (all versions prior to v280), and cf-deployment (all versions prior to v1.0.0). The Cloud Controller does not prevent space developers from creatin... Read more
- EPSS Score: %0.18
- Published: Nov. 28, 2017
- Modified: Apr. 20, 2025
-
5.0
MEDIUMCVE-2017-12297
A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directe... Read more
Affected Products : webex_meeting_center- EPSS Score: %0.24
- Published: Nov. 30, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-14198
An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause Remote Code Execution (RCE) via a maliciously crafted time_format tag.... Read more
Affected Products : matrix- EPSS Score: %1.49
- Published: Nov. 30, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-14197
An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. There are multiple reflected Cross-Site Scripting (XSS) issues in Matrix WYSIWYG plugins.... Read more
Affected Products : matrix- EPSS Score: %0.22
- Published: Nov. 30, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-14196
An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'File Bridge' plugin allowed the existence of files outside of the bridged path to be confirmed.... Read more
Affected Products : matrix- EPSS Score: %0.52
- Published: Nov. 30, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-14189
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.... Read more
Affected Products : fortiweb_manager- EPSS Score: %1.36
- Published: Nov. 29, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2017-14378
EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerability."... Read more
- EPSS Score: %2.64
- Published: Nov. 29, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-8020
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.... Read more
Affected Products : scaleio- EPSS Score: %8.59
- Published: Nov. 28, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-8019
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remote attacker to send specifically crafted packets to stop ScaleIO services and cause a denial of service s... Read more
Affected Products : scaleio- EPSS Score: %2.75
- Published: Nov. 28, 2017
- Modified: Apr. 20, 2025
-
4.2
MEDIUMCVE-2015-7269
Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, ... Read more
- EPSS Score: %0.06
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.2
MEDIUMCVE-2015-7268
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDr... Read more
Affected Products : 850_pro_firmware pm851_firmware st500lt015_firmware st500lt025_firmware 850_pro pm851 st500lt015 st500lt025- EPSS Score: %0.06
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.2
MEDIUMCVE-2015-7267
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitu... Read more
Affected Products : 850_pro_firmware pm851_firmware st500lt015_firmware st500lt025_firmware 850_pro pm851 st500lt015 st500lt025- EPSS Score: %0.06
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-1628
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks.... Read more
Affected Products : business_process_manager- EPSS Score: %0.30
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-1570
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852.... Read more
- EPSS Score: %0.18
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-1560
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl... Read more
Affected Products : rational_doors_next_generation- EPSS Score: %0.27
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-1461
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl... Read more
Affected Products : rational_doors_next_generation- EPSS Score: %0.27
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-1251
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631.... Read more
- EPSS Score: %0.13
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-1240
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.... Read more
- EPSS Score: %0.18
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2016-6024
IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868.... Read more
- EPSS Score: %0.13
- Published: Nov. 27, 2017
- Modified: Apr. 20, 2025