National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 10 hours 53 min ago

CVE-2017-16030

Mon, 06/04/2018 - 15:29
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.
Categories: Security News

CVE-2017-16031

Mon, 06/04/2018 - 15:29
Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information.
Categories: Security News

CVE-2017-16035

Mon, 06/04/2018 - 15:29
The hubl-server module is a wrapper for the HubL Development Server. During installation hubl-server downloads a set of dependencies from api.hubapi.com. It appears in the code that these files are downloaded over HTTPS however the api.hubapi.com endpoint redirects to a HTTP url. Because of this behavior an attacker with the ability to man-in-the-middle a developer or system performing a package installation could compromise the integrity of the installation.
Categories: Security News

CVE-2017-16036

Mon, 06/04/2018 - 15:29
`badjs-sourcemap-server` recieves files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Categories: Security News

CVE-2017-16037

Mon, 06/04/2018 - 15:29
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
Categories: Security News

CVE-2017-16038

Mon, 06/04/2018 - 15:29
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
Categories: Security News

CVE-2017-16039

Mon, 06/04/2018 - 15:29
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Categories: Security News

CVE-2016-10695

Mon, 06/04/2018 - 15:29
The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.
Categories: Security News

CVE-2016-10696

Mon, 06/04/2018 - 15:29
windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.
Categories: Security News

CVE-2016-10697

Mon, 06/04/2018 - 15:29
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server.
Categories: Security News

CVE-2016-8390

Mon, 06/04/2018 - 15:29
An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Dissassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with specific section headers to trigger this vulnerability.
Categories: Security News

CVE-2017-0928

Mon, 06/04/2018 - 15:29
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed.
Categories: Security News

CVE-2017-0930

Mon, 06/04/2018 - 15:29
augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
Categories: Security News

CVE-2017-0931

Mon, 06/04/2018 - 15:29
html-janitor node module suffers from a Cross-Site Scripting (XSS) vulnerability via clean() accepting user-controlled values.
Categories: Security News

CVE-2017-16005

Mon, 06/04/2018 - 15:29
Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature.
Categories: Security News

CVE-2017-16006

Mon, 06/04/2018 - 15:29
Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript.
Categories: Security News

CVE-2017-16007

Mon, 06/04/2018 - 15:29
node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.
Categories: Security News

CVE-2017-16008

Mon, 06/04/2018 - 15:29
i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into the browser. This affects i18next <=1.10.2.
Categories: Security News

CVE-2017-16009

Mon, 06/04/2018 - 15:29
ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.
Categories: Security News

CVE-2017-16011

Mon, 06/04/2018 - 15:29
jQuery is a javascript library for DOM manipulation. jQuery's main method in affected versions (>=1.7.1 <=1.8.3) contains an unreliable way of detecting whether the input to the `jQuery(strInput)` function is intended to be a selector or HTML.
Categories: Security News

Pages