National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 18 hours 56 min ago

CVE-2017-16069

Wed, 06/06/2018 - 22:29
nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Categories: Security News

CVE-2017-16070

Wed, 06/06/2018 - 22:29
nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Categories: Security News

CVE-2017-16071

Wed, 06/06/2018 - 22:29
nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Categories: Security News

CVE-2017-16072

Wed, 06/06/2018 - 22:29
nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Categories: Security News

CVE-2017-16073

Wed, 06/06/2018 - 22:29
noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Categories: Security News

CVE-2017-18154

Wed, 06/06/2018 - 17:29
A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3562

Wed, 06/06/2018 - 17:29
Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3565

Wed, 06/06/2018 - 17:29
While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur.
Categories: Security News

CVE-2018-3578

Wed, 06/06/2018 - 17:29
Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3580

Wed, 06/06/2018 - 17:29
Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3852

Wed, 06/06/2018 - 17:29
An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. A specially crafted TCP packet can cause a process to terminate resulting in denial of service. An attacker can send a crafted TCP packet to trigger this vulnerability.
Categories: Security News

CVE-2018-5840

Wed, 06/06/2018 - 17:29
Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5841

Wed, 06/06/2018 - 17:29
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5845

Wed, 06/06/2018 - 17:29
A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5846

Wed, 06/06/2018 - 17:29
A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5850

Wed, 06/06/2018 - 17:29
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2017-7906

Wed, 06/06/2018 - 16:29
In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.
Categories: Security News

CVE-2017-7931

Wed, 06/06/2018 - 16:29
In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication.
Categories: Security News

CVE-2017-7933

Wed, 06/06/2018 - 16:29
In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access.
Categories: Security News

CVE-2018-10198

Wed, 06/06/2018 - 16:29
An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets.
Categories: Security News

Pages