National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 4 hours 31 min ago

CVE-2018-7311

Wed, 02/21/2018 - 17:29
** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible for handling new VPN connection operations via the main PrivateVPN application. The privileged helper tool creates new VPN connections by executing the openvpn binary located in the /Applications/PrivateVPN.app/Contents/Resources directory. The openvpn binary can be overwritten by the default user, which allows an attacker that has already installed malicious software as the default user to replace the binary. When a new VPN connection is established, the privileged helper tool will launch this malicious binary, thus allowing an attacker to execute code as the root user. NOTE: the vendor has reportedly indicated that this behavior is "an acceptable part of their software."
Categories: Security News

CVE-2017-1462

Wed, 02/21/2018 - 16:29
IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128461.
Categories: Security News

CVE-2017-1604

Wed, 02/21/2018 - 16:29
IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132851.
Categories: Security News

CVE-2017-1758

Wed, 02/21/2018 - 16:29
IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 135859.
Categories: Security News

CVE-2018-7308

Wed, 02/21/2018 - 16:29
A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account.
Categories: Security News

CVE-2018-7302

Wed, 02/21/2018 - 15:29
Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.
Categories: Security News

CVE-2018-7303

Wed, 02/21/2018 - 15:29
The Calendar component in Tiki 17.1 allows HTML injection.
Categories: Security News

CVE-2018-7304

Wed, 02/21/2018 - 15:29
Tiki 17.1 does not validate user input for special characters; consequently, a CSV Injection attack can open a CMD.EXE or Calculator window on the victim machine to perform malicious activity, as demonstrated by an "=cmd|' /C calc'!A0" payload during User Creation.
Categories: Security News

CVE-2018-7305

Wed, 02/21/2018 - 15:29
MyBB 1.8.14 is not checking for a valid CSRF token, leading to arbitrary deletion of user accounts.
Categories: Security News

CVE-2017-12161

Wed, 02/21/2018 - 13:29
It was found that keycloak before 3.4.2 final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset request. An attacker could use this flaw to craft a malicious password reset request and gain a valid reset token, leading to information disclosure or further attacks.
Categories: Security News

CVE-2018-7289

Wed, 02/21/2018 - 13:29
An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. This happens because characters that cannot be converted from Unicode are replaced with '?' characters.
Categories: Security News

CVE-2018-7261

Wed, 02/21/2018 - 11:29
There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences (Name and Username) and Configuration (Site Title, Dev Site Domain, Page Parts, and Page Fields).
Categories: Security News

CVE-2018-7280

Wed, 02/21/2018 - 11:29
The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
Categories: Security News

CVE-2013-4891

Wed, 02/21/2018 - 11:29
The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.
Categories: Security News

CVE-2015-5314

Wed, 02/21/2018 - 11:29
The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.
Categories: Security News

CVE-2015-5315

Wed, 02/21/2018 - 11:29
The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.
Categories: Security News

CVE-2015-5316

Wed, 02/21/2018 - 11:29
The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange.
Categories: Security News

CVE-2015-5725

Wed, 02/21/2018 - 11:29
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable.
Categories: Security News

CVE-2016-0343

Wed, 02/21/2018 - 11:29
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 111784.
Categories: Security News

CVE-2016-0344

Wed, 02/21/2018 - 11:29
Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111785.
Categories: Security News

Pages