National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 10 hours 50 min ago

CVE-2018-14905

Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.
Categories: Security News

CVE-2018-14906

Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
Categories: Security News

CVE-2018-14907

Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
Categories: Security News

CVE-2018-14908

Fri, 08/03/2018 - 14:29
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Categories: Security News

CVE-2018-7748

Fri, 08/03/2018 - 14:29
report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter.
Categories: Security News

CVE-2018-13416

Fri, 08/03/2018 - 13:29
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running UMS, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

CVE-2018-14574

Fri, 08/03/2018 - 13:29
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
Categories: Security News

CVE-2018-14773

Fri, 08/03/2018 - 13:29
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
Categories: Security News

CVE-2018-14774

Fri, 08/03/2018 - 13:29
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
Categories: Security News

CVE-2017-8316

Fri, 08/03/2018 - 11:29
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Categories: Security News

CVE-2018-1524

Fri, 08/03/2018 - 11:29
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.
Categories: Security News

CVE-2018-6590

Fri, 08/03/2018 - 10:29
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
Categories: Security News

CVE-2018-14883

Fri, 08/03/2018 - 09:29
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
Categories: Security News

CVE-2018-14884

Fri, 08/03/2018 - 09:29
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
Categories: Security News

CVE-2018-5489

Fri, 08/03/2018 - 09:29
NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. 7MTT versions below 2.0 do not enforce user authorization rules on file information and status that it has previously collected. The released version of 7MTT has been updated to maintain and verify authorization rules for file information, status and utilities.
Categories: Security News

CVE-2018-14872

Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. A reinstall vulnerability exists because the parameter p of index.php and another file named commonPages.php allows an attacker to reinstall the product, with all data reset.
Categories: Security News

CVE-2018-14873

Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. There is a cross-site scripting (XSS) vulnerability involving a p=account request to index.php and another file named commonPages.php.
Categories: Security News

CVE-2018-14876

Thu, 08/02/2018 - 20:29
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width.
Categories: Security News

CVE-2018-14877

Thu, 08/02/2018 - 20:29
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page.
Categories: Security News

CVE-2017-6213

Thu, 08/02/2018 - 17:29
paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution.
Categories: Security News

Pages