National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 21 hours 21 min ago

CVE-2018-6970

Mon, 08/13/2018 - 17:48
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.
Categories: Security News

CVE-2018-14781

Mon, 08/13/2018 - 17:48
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolus" options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.
Categories: Security News

CVE-2018-15123

Mon, 08/13/2018 - 17:48
Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows remote attacker perform new attack vectors and take under control device and smart home.
Categories: Security News

CVE-2018-15124

Mon, 08/13/2018 - 17:48
Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.
Categories: Security News

CVE-2018-15125

Mon, 08/13/2018 - 17:48
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface.
Categories: Security News

CVE-2018-10634

Mon, 08/13/2018 - 17:47
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.
Categories: Security News

CVE-2018-10636

Mon, 08/13/2018 - 17:47
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
Categories: Security News

CVE-2018-10598

Mon, 08/13/2018 - 17:47
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
Categories: Security News

CVE-2018-3781

Mon, 08/13/2018 - 15:29
A missing sanitization of search results for an autocomplete field in NextCloud Talk <3.2.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.
Categories: Security News

CVE-2018-3780

Mon, 08/13/2018 - 15:29
A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.
Categories: Security News

CVE-2018-15145

Mon, 08/13/2018 - 14:29
Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) eid, (2) userid, or (3) pid parameter.
Categories: Security News

CVE-2018-15139

Mon, 08/13/2018 - 14:29
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
Categories: Security News

CVE-2018-15140

Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
Categories: Security News

CVE-2018-15141

Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
Categories: Security News

CVE-2018-15142

Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
Categories: Security News

CVE-2018-15143

Mon, 08/13/2018 - 14:29
Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter.
Categories: Security News

CVE-2018-15144

Mon, 08/13/2018 - 14:29
SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.
Categories: Security News

CVE-2018-13417

Mon, 08/13/2018 - 13:29
In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Vuze, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

CVE-2018-14849

Mon, 08/13/2018 - 13:29
Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
Categories: Security News

CVE-2018-14850

Mon, 08/13/2018 - 13:29
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Categories: Security News

Pages