National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 6 hours 33 min ago

CVE-2018-11482

Wed, 05/30/2018 - 17:29
/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password.
Categories: Security News

CVE-2018-11565

Wed, 05/30/2018 - 17:29
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information.
Categories: Security News

CVE-2018-7534

Wed, 05/30/2018 - 17:29
In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory.
Categories: Security News

CVE-2018-10995

Wed, 05/30/2018 - 16:29
SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Categories: Security News

CVE-2018-11518

Wed, 05/30/2018 - 16:29
A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can record these frequencies and use them for service activations. This is a request-forgery issue when the required series of DTMF signals for a service activation is predictable (e.g., the IVR system does not speak a nonce to the caller). In this case, the IVR system accepts an activation request from a less-secure channel (any loudspeaker in the caller's physical environment) without verifying that the request was intended (it matches a nonce sent over a more-secure channel to the caller's earpiece).
Categories: Security News

CVE-2018-11562

Wed, 05/30/2018 - 16:29
An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.
Categories: Security News

CVE-2018-11432

Wed, 05/30/2018 - 09:29
The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11433

Wed, 05/30/2018 - 09:29
The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11434

Wed, 05/30/2018 - 09:29
The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11435

Wed, 05/30/2018 - 09:29
The mobi_decompress_huffman_internal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file.
Categories: Security News

CVE-2018-11436

Wed, 05/30/2018 - 09:29
The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11437

Wed, 05/30/2018 - 09:29
The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file.
Categories: Security News

CVE-2018-11438

Wed, 05/30/2018 - 09:29
The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file.
Categories: Security News

CVE-2018-11439

Wed, 05/30/2018 - 09:29
The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
Categories: Security News

CVE-2018-11233

Wed, 05/30/2018 - 00:29
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.
Categories: Security News

CVE-2018-11235

Wed, 05/30/2018 - 00:29
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.
Categories: Security News

CVE-2018-11555

Wed, 05/30/2018 - 00:29
tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file.
Categories: Security News

CVE-2018-11556

Wed, 05/30/2018 - 00:29
tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file.
Categories: Security News

CVE-2018-11557

Wed, 05/30/2018 - 00:29
YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter.
Categories: Security News

CVE-2018-11558

Wed, 05/30/2018 - 00:29
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
Categories: Security News

Pages