National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 2 hours 22 min ago

CVE-2018-6541

Fri, 02/02/2018 - 04:29
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
Categories: Security News

CVE-2018-6542

Fri, 02/02/2018 - 04:29
In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c.
Categories: Security News

CVE-2018-6543

Fri, 02/02/2018 - 04:29
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Categories: Security News

CVE-2018-6544

Fri, 02/02/2018 - 04:29
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.
Categories: Security News

CVE-2018-6545

Fri, 02/02/2018 - 04:29
Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks.
Categories: Security News

CVE-2018-6548

Fri, 02/02/2018 - 04:29
A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer would not be updated, leading to a dangling pointer. This is related to the function OutputCluster in webm_info.cc.
Categories: Security News

CVE-2018-6550

Fri, 02/02/2018 - 04:29
Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php.
Categories: Security News

CVE-2018-6519

Thu, 02/01/2018 - 20:29
The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.
Categories: Security News

CVE-2018-6520

Thu, 02/01/2018 - 20:29
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL.
Categories: Security News

CVE-2018-6521

Thu, 02/01/2018 - 20:29
The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote attackers to bypass intended access restrictions.
Categories: Security News

CVE-2018-6522

Thu, 02/01/2018 - 20:29
In nProtect AVS V4.0 4.0.0.38, the driver file (TKRgFtXp.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220408.
Categories: Security News

CVE-2018-6523

Thu, 02/01/2018 - 20:29
In nProtect AVS V4.0 4.0.0.38, the driver file (TKFsAv.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x22045c.
Categories: Security News

CVE-2018-6524

Thu, 02/01/2018 - 20:29
In nProtect AVS V4.0 4.0.0.38, the driver file (TKFsAv.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220c20.
Categories: Security News

CVE-2018-6525

Thu, 02/01/2018 - 20:29
In nProtect AVS V4.0 4.0.0.38, the driver file (TKFsAv.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220458.
Categories: Security News

CVE-2017-2293

Thu, 02/01/2018 - 17:29
Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rely on this functionality can change this policy.
Categories: Security News

CVE-2017-2296

Thu, 02/01/2018 - 17:29
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
Categories: Security News

CVE-2017-2297

Thu, 02/01/2018 - 17:29
Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default for tokens.
Categories: Security News

CVE-2017-3160

Thu, 02/01/2018 - 16:29
After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not safe. The severity of this issue is high due to the fact that the build scripts immediately start a build after Gradle has been fetched. Developers who are concerned about this issue should install version 6.1.2 or higher of Cordova-Android. If developers are unable to install the latest version, this vulnerability can easily be mitigated by setting the CORDOVA_ANDROID_GRADLE_DISTRIBUTION_URL environment variable to https://services.gradle.org/distributions/gradle-2.14.1-all.zip
Categories: Security News

CVE-2018-1192

Thu, 02/01/2018 - 15:29
In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user.
Categories: Security News

CVE-2014-9504

Thu, 02/01/2018 - 12:29
The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal, allows remote attackers to access child groups via vectors related to membership inheritance.
Categories: Security News

Pages