National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 19 hours 35 min ago

CVE-2017-2612

Tue, 05/15/2018 - 16:29
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Categories: Security News

CVE-2018-1262

Tue, 05/15/2018 - 16:29
Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation.
Categories: Security News

CVE-2018-1263

Tue, 05/15/2018 - 16:29
Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder.
Categories: Security News

CVE-2018-11094

Tue, 05/15/2018 - 15:29
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.
Categories: Security News

CVE-2017-2815

Tue, 05/15/2018 - 13:29
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability.
Categories: Security News

CVE-2018-11126

Tue, 05/15/2018 - 13:29
dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account.
Categories: Security News

CVE-2018-11127

Tue, 05/15/2018 - 13:29
e107 2.1.7 has CSRF resulting in arbitrary user deletion.
Categories: Security News

CVE-2018-1087

Tue, 05/15/2018 - 12:29
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.
Categories: Security News

CVE-2018-11125

Tue, 05/15/2018 - 12:29
Tencent RapidJSON 1.1.0 has a heap-based buffer over-read in the Peek function in stream.h.
Categories: Security News

CVE-2018-11105

Tue, 05/15/2018 - 11:29
There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to wp-json/wp_live_chat_support/v1/start_chat whenever a malicious attacker would initiate a new chat with an administrator. NOTE: this issue exists because of an incomplete fix for CVE-2018-9864.
Categories: Security News

CVE-2018-3611

Tue, 05/15/2018 - 10:29
Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access.
Categories: Security News

CVE-2018-3634

Tue, 05/15/2018 - 10:29
Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access.
Categories: Security News

CVE-2018-3661

Tue, 05/15/2018 - 10:29
Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service.
Categories: Security News

CVE-2018-1131

Tue, 05/15/2018 - 09:29
Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks. Versions 9.0.3.Final, 9.1.7.Final, 8.2.10.Final, 9.2.2.Final, 9.3.0.Alpha1 are believed to be affected.
Categories: Security News

CVE-2018-10825

Tue, 05/15/2018 - 00:29
Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack.
Categories: Security News

CVE-2018-11102

Mon, 05/14/2018 - 22:29
An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
Categories: Security News

CVE-2018-11097

Mon, 05/14/2018 - 21:29
An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash.
Categories: Security News

CVE-2018-11098

Mon, 05/14/2018 - 21:29
An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
Categories: Security News

CVE-2018-11100

Mon, 05/14/2018 - 21:29
The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
Categories: Security News

CVE-2018-11095

Mon, 05/14/2018 - 20:29
The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
Categories: Security News

Pages