National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 8 hours 47 min ago

CVE-2015-3006

Fri, 02/28/2020 - 18:15
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability.
Categories: Security News

CVE-2015-5361

Fri, 02/28/2020 - 18:15
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.​ Note that the ftps-extensions option is not enabled by default.
Categories: Security News

CVE-2020-6803

Fri, 02/28/2020 - 18:15
An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.
Categories: Security News

CVE-2020-6804

Fri, 02/28/2020 - 18:15
A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system.
Categories: Security News

CVE-2019-4301

Fri, 02/28/2020 - 17:15
BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.
Categories: Security News

CVE-2019-7007

Fri, 02/28/2020 - 17:15
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.
Categories: Security News

CVE-2019-10803

Fri, 02/28/2020 - 16:15
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.
Categories: Security News

CVE-2019-10804

Fri, 02/28/2020 - 16:15
serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation.
Categories: Security News

CVE-2019-10805

Fri, 02/28/2020 - 16:15
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks.
Categories: Security News

CVE-2020-9449

Fri, 02/28/2020 - 16:15
An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin.
Categories: Security News

CVE-2020-9459

Fri, 02/28/2020 - 16:15
Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. This affects mec_save_notifications and import_settings.
Categories: Security News

CVE-2018-21035

Fri, 02/28/2020 - 16:15
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
Categories: Security News

CVE-2019-10801

Fri, 02/28/2020 - 16:15
enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.
Categories: Security News

CVE-2019-10802

Fri, 02/28/2020 - 16:15
giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.
Categories: Security News

CVE-2019-15609

Fri, 02/28/2020 - 15:15
The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.
Categories: Security News

CVE-2019-19943

Fri, 02/28/2020 - 15:15
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
Categories: Security News

CVE-2020-8127

Fri, 02/28/2020 - 15:15
Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.
Categories: Security News

CVE-2020-8132

Fri, 02/28/2020 - 15:15
Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.
Categories: Security News

CVE-2020-9465

Fri, 02/28/2020 - 15:15
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.
Categories: Security News

CVE-2020-9466

Fri, 02/28/2020 - 15:15
The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection.
Categories: Security News

Pages