National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 15 hours 5 min ago

CVE-2018-5349

Thu, 03/22/2018 - 12:29
A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup, the process Heimdal.MonitorServices.exe running as SYSTEM will attempt to load version.dll from this directory. Placing a malicious version.dll in this directory will result in privilege escalation. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site.
Categories: Security News

CVE-2018-5731

Thu, 03/22/2018 - 12:29
An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the file in the window between md.hs closing the file and executing it. This can be exploited via opportunistic locks and a high priority thread. The vulnerablity is triggered when a scan starts. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site.
Categories: Security News

CVE-2017-0920

Thu, 03/22/2018 - 11:29
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the Projects::MergeRequests::CreationsController component resulting in an attacker to see every project name and their respective namespace on a GitLab instance.
Categories: Security News

CVE-2017-16242

Thu, 03/22/2018 - 11:29
An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical access can send a static packet to a serial port exposed on the PCB to unlock the key and get access to the data without possessing the required fingerprint.
Categories: Security News

CVE-2018-8936

Thu, 03/22/2018 - 10:29
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation.
Categories: Security News

CVE-2017-0932

Thu, 03/22/2018 - 10:29
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator (read-only) account and ssh connection to the devices could escalate privileges to admin (root) access in the system.
Categories: Security News

CVE-2017-0933

Thu, 03/22/2018 - 10:29
Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-Site Request Forgery (CSRF) vulnerability. An attacker with access to an operator (read-only) account could lure an admin (root) user to access the attacker-controlled page, allowing the attacker to gain admin privileges in the system.
Categories: Security News

CVE-2017-0934

Thu, 03/22/2018 - 10:29
Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.
Categories: Security News

CVE-2017-0935

Thu, 03/22/2018 - 10:29
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.
Categories: Security News

CVE-2017-16771

Thu, 03/22/2018 - 10:29
Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Categories: Security News

CVE-2017-16772

Thu, 03/22/2018 - 10:29
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.
Categories: Security News

CVE-2018-8930

Thu, 03/22/2018 - 10:29
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3.
Categories: Security News

CVE-2018-8931

Thu, 03/22/2018 - 10:29
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
Categories: Security News

CVE-2018-8932

Thu, 03/22/2018 - 10:29
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.
Categories: Security News

CVE-2018-8933

Thu, 03/22/2018 - 10:29
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3.
Categories: Security News

CVE-2018-8934

Thu, 03/22/2018 - 10:29
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
Categories: Security News

CVE-2018-8935

Thu, 03/22/2018 - 10:29
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.
Categories: Security News

CVE-2017-18094

Thu, 03/22/2018 - 09:29
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the base path setting of a configured file system repository.
Categories: Security News

CVE-2018-0534

Thu, 03/22/2018 - 09:29
Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
Categories: Security News

CVE-2018-0535

Thu, 03/22/2018 - 09:29
Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
Categories: Security News

Pages