Skip to main content
CVE-2017-3736 MEDIUM PATCH This Month

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Intel Amd OpenSSL Information Disclosure
NVD GitHub
CVSS 3.0
6.5
EPSS
8.5%
CVE-2017-12274 MEDIUM This Month

A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Aironet 1562 Firmware Aironet 2800 Firmware Aironet 3800 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-12273 MEDIUM This Month

A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Aironet 1562 Firmware Aironet 2800 Firmware Aironet 3800 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-12278 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart,. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
6.3
EPSS
0.8%
CVE-2017-12283 MEDIUM This Month

A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Aironet 3800 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2017-12282 MEDIUM This Month

A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Wireless Lan Controller Software
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12294 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Webex Meetings Server
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-12295 MEDIUM This Month

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Server
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2017-12279 MEDIUM This Month

A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Information Disclosure Aironet Ap Firmware
NVD
CVSS 3.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy