National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 17 hours 3 min ago

CVE-2018-19492

Fri, 11/23/2018 - 12:29
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
Categories: Security News

CVE-2018-19486

Fri, 11/23/2018 - 03:29
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.
Categories: Security News

CVE-2018-19468

Fri, 11/23/2018 - 00:29
HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.
Categories: Security News

CVE-2018-19469

Fri, 11/23/2018 - 00:29
ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.
Categories: Security News

CVE-2018-19475

Fri, 11/23/2018 - 00:29
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
Categories: Security News

CVE-2018-19476

Fri, 11/23/2018 - 00:29
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
Categories: Security News

CVE-2018-19477

Fri, 11/23/2018 - 00:29
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
Categories: Security News

CVE-2018-19463

Thu, 11/22/2018 - 16:29
zb_system/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute arbitrary PHP code by using the image/jpeg content type in an upload to the zb_system/admin/index.php?act=UploadMng URI.
Categories: Security News

CVE-2018-19464

Thu, 11/22/2018 - 16:29
Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and template\default\common\footer.htm mishandle s statcode field from third-party stats code.
Categories: Security News

CVE-2018-19457

Thu, 11/22/2018 - 15:29
Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.
Categories: Security News

CVE-2018-19458

Thu, 11/22/2018 - 15:29
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
Categories: Security News

CVE-2018-19459

Thu, 11/22/2018 - 15:29
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.
Categories: Security News

CVE-2018-19443

Thu, 11/22/2018 - 14:29
The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. This connection attempt fails, but it contains in the header the current session of the user. This session could then be stolen by a man-in-the-middle.
Categories: Security News

CVE-2018-19433

Thu, 11/22/2018 - 00:29
ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php mishandles the $cur_lang value.
Categories: Security News

CVE-2018-19434

Thu, 11/22/2018 - 00:29
An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.
Categories: Security News

CVE-2018-19435

Thu, 11/22/2018 - 00:29
An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.
Categories: Security News

CVE-2018-19436

Thu, 11/22/2018 - 00:29
An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.
Categories: Security News

CVE-2018-19437

Thu, 11/22/2018 - 00:29
UCMS 1.4.7 allows remote authenticated users to change the administrator password because $_COOKIE['admin_'.cookiehash] is used for arbitrary cookie values that are set and not empty.
Categories: Security News

CVE-2018-19432

Thu, 11/22/2018 - 00:29
An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.
Categories: Security News

CVE-2018-19420

Wed, 11/21/2018 - 16:29
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename), because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.
Categories: Security News

Pages