Vulnerabilities (CVE)

CWE filter

CWE-668

Filter

63 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1848 2019-10-09 4.8
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to...
CVE-2018-1840 1 Ibm 1 Websphere Application Server 2019-10-09 6.8
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then...
CVE-2017-6872 1 Siemens 2 Ozw772 Firmware, Ozw672 Firmware 2019-10-09 6.4
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device.
CVE-2017-16610 2019-10-09 7.5
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The...
CVE-2017-16606 1 Netgain-systems 1 Enterprise Manager 2019-10-09 6.5
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the...
CVE-2017-16605 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing...
CVE-2017-16604 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing...
CVE-2017-16603 1 Netgain-systems 1 Enterprise Manager 2019-10-09 6.5
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the...
CVE-2017-16601 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing...
CVE-2017-16600 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication...
CVE-2017-16599 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing...
CVE-2017-16598 1 Netgain-systems 1 Enterprise Manager 2019-10-09 6.5
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the...
CVE-2017-16597 1 Netgain-systems 1 Enterprise Manager 2019-10-09 7.5
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2017-16593 1 Netgain-systems 1 Enterprise Manager 2019-10-09 4.0
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing...
CVE-2017-12363 1 Cisco 1 Webex Meetings Server 2019-10-09 5.0
A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings. An attacker...
CVE-2017-12351 1 Cisco 1 Nx-os 2019-10-09 4.6
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials...
CVE-2017-12342 1 Cisco 1 Nx-os 2019-10-09 4.6
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal...
CVE-2017-12249 1 Cisco 1 Meeting Server 2019-10-09 9.0
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an...
CVE-2017-18129 1 Qualcomm 5 Mdm9206 Firmware, Mdm9607 Firmware, Msm8996 Firmware and 2 more 2019-10-03 10.0
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to...
CVE-2017-15393 2 Google, Debian 2 Chrome, Debian Linux 2019-10-03 6.8
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.