Latest CVE Feed
-
8.8
HIGHCVE-2017-9633
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti ... Read more
Affected Products : s-gold_2_pmb_8876- Published: Aug. 07, 2017
- Modified: May. 06, 2025
-
9.8
CRITICALCVE-2017-9632
A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, Lase... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.4
CRITICALCVE-2017-9630
An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all ve... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.3
MEDIUMCVE-2017-7936
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.0
MEDIUMCVE-2017-7932
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX ... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2017-7928
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while con... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-7920
An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-7916
A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the ... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
4.2
MEDIUMCVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Ad... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-6769
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected s... Read more
Affected Products : secure_access_control_system- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-6766
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypt... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-6765
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.1(6.11) and 9.4(1.2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based manageme... Read more
Affected Products : adaptive_security_appliance_software- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-6764
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.5(1) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an... Read more
Affected Products : adaptive_security_appliance_software- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-6763
A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affect... Read more
Affected Products : meeting_server- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-6762
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management inte... Read more
Affected Products : jabber_guest- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-6761
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected d... Read more
Affected Products : finesse- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2017-6759
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnerability is due to insufficient input validation. An attac... Read more
Affected Products : prime_collaboration_provisioning- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2017-6758
A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device. The vulnerabilit... Read more
Affected Products : unified_communications_manager- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-6757
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-su... Read more
Affected Products : unified_communications_manager- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-6756
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request... Read more
Affected Products : prime_collaboration_provisioning- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025