National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 9 hours 59 min ago

CVE-2017-1000195

Thu, 11/16/2017 - 21:29
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissions on the server.
Categories: Security News

CVE-2017-1000196

Thu, 11/16/2017 - 21:29
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
Categories: Security News

CVE-2017-1000197

Thu, 11/16/2017 - 21:29
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.
Categories: Security News

CVE-2017-1000198

Thu, 11/16/2017 - 21:29
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
Categories: Security News

CVE-2017-1000199

Thu, 11/16/2017 - 21:29
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
Categories: Security News

CVE-2017-1000200

Thu, 11/16/2017 - 21:29
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
Categories: Security News

CVE-2017-1000174

Thu, 11/16/2017 - 20:29
In SWFTools, an address access exception was found in swfdump swf_GetBits().
Categories: Security News

CVE-2017-1000176

Thu, 11/16/2017 - 20:29
In SWFTools, a memcpy buffer overflow was found in swfc.
Categories: Security News

CVE-2017-1000182

Thu, 11/16/2017 - 20:29
In SWFTools, a memory leak was found in wav2swf.
Categories: Security News

CVE-2017-1000185

Thu, 11/16/2017 - 20:29
In SWFTools, a memcpy buffer overflow was found in gif2swf.
Categories: Security News

CVE-2017-1000186

Thu, 11/16/2017 - 20:29
In SWFTools, a stack overflow was found in pdf2swf.
Categories: Security News

CVE-2017-1000187

Thu, 11/16/2017 - 20:29
In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF()
Categories: Security News

CVE-2017-1000210

Thu, 11/16/2017 - 20:29
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
Categories: Security News

CVE-2017-1000213

Thu, 11/16/2017 - 20:29
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
Categories: Security News

CVE-2017-1000220

Thu, 11/16/2017 - 20:29
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
Categories: Security News

CVE-2017-1000218

Thu, 11/16/2017 - 19:29
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
Categories: Security News

CVE-2017-1000219

Thu, 11/16/2017 - 19:29
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
Categories: Security News

CVE-2017-1000224

Thu, 11/16/2017 - 19:29
CSRF in YouTube (WordPress plugin) could allow unauthenticated attacker to change any setting within the plugin
Categories: Security News

CVE-2017-15517

Thu, 11/16/2017 - 19:29
AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution.
Categories: Security News

CVE-2017-0850

Thu, 11/16/2017 - 18:29
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-64836941.
Categories: Security News

Pages