National Vulnerability Database
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 13 hours 9 min ago
geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 188.8.131.52, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 184.108.40.206, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 220.127.116.11, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.
IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized access to overwrite arbitrary files which could cause a denial of service. IBM X-Force ID: 141148.
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 136471.
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 137767.
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 137769.
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 137776.
Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles.
A stack exhaustion vulnerability in the search function of dtSearch 7.90.8538.1 and prior allows remote attackers to cause a denial of service condition by sending a specially crafted HTTP request.
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.
An issue was discovered in CScms v4.1. A Cross-site request forgery (CSRF) vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpass_save.
WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.
An issue was discovered in SITEMAKIN SLAC (Site Login and Access Control) v1.0. The parameter "my_item_search" in users.php is exploitable using SQL injection.