| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1251 |
CVE-2017-15065 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on ASUS CM-32 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from ASUS. |
|
1252 |
CVE-2017-15066 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various AVM FRITZ!Box devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from AVM. |
|
1253 |
CVE-2017-15067 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Compal devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Compal. |
|
1254 |
CVE-2017-15068 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Comcast branded devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Comcast. |
|
1255 |
CVE-2017-15069 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Hitron devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Hitron. |
|
1256 |
CVE-2017-15070 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Linksys devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Linksys. |
|
1257 |
CVE-2017-15071 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on NETGEAR C6300, CM400, CM700, and CMD31T devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from NETGEAR. |
|
1258 |
CVE-2017-15072 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Quantenna devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Quantenna. |
|
1259 |
CVE-2017-15073 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on Samsung Home Media Server devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Samsung. |
|
1260 |
CVE-2017-15074 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on SMC D3G2408 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from SMC. |
|
1261 |
CVE-2017-15075 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on various Technicolor (formerly branded as Cisco) devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Technicolor. |
|
1262 |
CVE-2017-15076 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** DISPUTED ** The Intel Puma 5, 6, and 7 chips, as used on Telstra branded NETGEAR C6300BD devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Telstra. NOTE: NETGEAR states "This vulnerability does not affect the following products: C6300BD-Telstra." |
|
1263 |
CVE-2017-15077 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on UPC branded Compal CH7465-LG devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15067. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from UPC. |
|
1264 |
CVE-2017-15078 |
|
|
DoS |
2017-10-06 |
2017-10-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Intel Puma 5, 6, and 7 chips, as used on Virgin Media branded Arris TG2492 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15064. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Virgin Media. |
|
1265 |
CVE-2017-16011 |
|
|
|
2018-06-04 |
2018-06-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
jQuery is a javascript library for DOM manipulation. jQuery's main method in affected versions (>=1.7.1 <=1.8.3) contains an unreliable way of detecting whether the input to the `jQuery(strInput)` function is intended to be a selector or HTML. |
|
1266 |
CVE-2017-16012 |
|
|
Exec Code |
2018-06-04 |
2018-06-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Jquery is a javascript library for DOM traversal and manipulation, event handling, animation, and Ajax. When text/javascript responses are received from cross-origin ajax requests not containing the option `dataType`, the result is executed in `jQuery.globalEval` potentially allowing an attacker to execute arbitrary code on the origin. This affects Jquery >=1.4.0 <=1.11.3 || >=1.12.4 <=2.2.4. |
|
1267 |
CVE-2017-20098 |
|
|
XSS |
2022-06-27 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely. |
|
1268 |
CVE-2017-20099 |
|
|
|
2022-06-27 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely. |
|
1269 |
CVE-2017-20100 |
|
|
XSS |
2022-06-27 |
2022-06-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
|
1270 |
CVE-2017-20101 |
|
|
|
2022-06-27 |
2022-06-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely. |
|
1271 |
CVE-2017-20102 |
|
|
|
2022-06-27 |
2022-06-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. |
|
1272 |
CVE-2017-20103 |
|
|
Sql |
2022-06-27 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as critical has been found in Kama Click Counter Plugin up to 3.4.8. This affects an unknown part of the file wp-admin/admin.php. The manipulation of the argument order_by/order with the input ASC%2c(select*from(select(sleep(2)))a) leads to sql injection (Blind). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.9 is able to address this issue. It is recommended to upgrade the affected component. |
|
1273 |
CVE-2017-20104 |
|
|
Sql |
2022-06-28 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWA_SID leads to sql injection (Time). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.8.3 is able to address this issue. It is recommended to upgrade the affected component. |
|
1274 |
CVE-2017-20105 |
|
|
|
2022-06-28 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.8.3 is able to address this issue. It is recommended to upgrade the affected component. |
|
1275 |
CVE-2017-20106 |
|
|
|
2022-06-28 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument upload_url leads to server-side request forgery. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. |
|
1276 |
CVE-2017-20107 |
|
|
|
2022-06-28 |
2022-06-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as problematic, was found in ShadeYouVPN.com Client 2.0.1.11. Affected is an unknown function. The manipulation leads to improper privilege management. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1.12 is able to address this issue. It is recommended to upgrade the affected component. |
|
1277 |
CVE-2017-20108 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as problematic has been found in Easy Table Plugin 1.6. This affects an unknown part of the file /wordpress/wp-admin/options-general.php. The manipulation with the input "><script>alert(1)</script> leads to basic cross site scripting. It is possible to initiate the attack remotely. |
|
1278 |
CVE-2017-20109 |
|
|
|
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. |
|
1279 |
CVE-2017-20110 |
|
|
|
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation as part of JSON leads to information disclosure (Credentials). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. |
|
1280 |
CVE-2017-20111 |
|
|
|
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. |
|
1281 |
CVE-2017-20112 |
|
|
|
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to improper privilege management. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.6.2 is able to address this issue. It is recommended to upgrade the affected component. |
|
1282 |
CVE-2017-20113 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
|
1283 |
CVE-2017-20114 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys[] leads to basic cross site scripting (Reflected). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
|
1284 |
CVE-2017-20115 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting (Reflected). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
|
1285 |
CVE-2017-20116 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checked_group_id leads to basic cross site scripting (Reflected). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
|
1286 |
CVE-2017-20117 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting (DOM). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
|
1287 |
CVE-2017-20118 |
|
|
XSS |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting (DOM). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
|
1288 |
CVE-2017-20119 |
|
|
|
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. This affects an unknown part of the file /admin/general/change-lang. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
|
1289 |
CVE-2017-20120 |
|
|
CSRF |
2022-06-29 |
2022-06-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
|
1290 |
CVE-2017-20121 |
|
|
|
2022-06-30 |
2022-06-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The manipulation leads to improper privilege management. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. |
|
1291 |
CVE-2017-20122 |
|
|
XSS |
2022-06-30 |
2022-06-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input <img src="http://1"; on onerror="$(’p').text(’Hacked’)" /> leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
|
1292 |
CVE-2017-20123 |
|
|
|
2022-06-30 |
2022-06-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.8 is able to address this issue. It is recommended to upgrade the affected component. |
|
1293 |
CVE-2017-20124 |
|
|
Sql |
2022-06-30 |
2022-06-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
|
1294 |
CVE-2017-20125 |
|
|
Sql |
2022-06-30 |
2022-06-30 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
|
1295 |
CVE-2017-1000449 |
|
|
Overflow |
2018-01-02 |
2018-01-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
BitThunder 0.9.2 stable is vulnerable to a buffer overflow in dtb_reverse.c file resulting in information disclosure |
|
1296 |
CVE-2018-1471 |
|
|
|
2018-04-27 |
2018-04-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
IBM BigFix Platform 9.2 and 9.5 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 140689. |
|
1297 |
CVE-2018-3617 |
|
|
|
2018-05-10 |
2018-05-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U2.1 do not properly ensure constant execution time. |
|
1298 |
CVE-2018-5191 |
|
|
CSRF |
2018-01-03 |
2018-01-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
/usr/local/www/csrf/csrf-magic.php in the WebGUI in pfSense before 2.4.2-RELEASE allows Clickjacking on the CSRF error page because the error detection occurs before an X-Frame-Options header is set. |
|
1299 |
CVE-2018-7106 |
|
|
|
2018-09-27 |
2018-10-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to disclose sensitive information. |
|
1300 |
CVE-2018-7207 |
|
|
+Info |
2018-02-17 |
2018-02-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
National Payments Corporation of India (NPCI) Bharat Interface for Money (aka BHIM) 1.4.1 sends messages to undocumented telephone numbers in conjunction with logout/login actions, which allows remote attackers to obtain sensitive information. |
