NVD Vulnerabilities

Subscribe to NVD Vulnerabilities feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 4 hours 45 min ago

CVE-2015-6926

Fri, 01/19/2018 - 10:29
The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token.
Categories: NVD

CVE-2017-1693

Fri, 01/19/2018 - 09:29
IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to highack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164.
Categories: NVD

CVE-2017-6142

Fri, 01/19/2018 - 09:29
X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions 13.0.0, 12.1.0-12.1.2, and 11.6.0-11.6.2, and thus did not properly validate the remote server's identity on certain versions of BIG-IP.
Categories: NVD

CVE-2018-1362

Fri, 01/19/2018 - 09:29
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 within Citizen Portal could allow an authenticated user to withdraw other user's submitted applications from the system and possibly obtain privileges. IBM X-Force ID: 137380.
Categories: NVD

CVE-2018-5783

Fri, 01/19/2018 - 03:29
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Categories: NVD

CVE-2018-5784

Fri, 01/19/2018 - 03:29
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.
Categories: NVD

CVE-2018-5785

Fri, 01/19/2018 - 03:29
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Categories: NVD

CVE-2018-5786

Fri, 01/19/2018 - 03:29
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.
Categories: NVD

CVE-2012-6708

Thu, 01/18/2018 - 18:29
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Categories: NVD

CVE-2015-9251

Thu, 01/18/2018 - 18:29
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Categories: NVD

CVE-2016-10707

Thu, 01/18/2018 - 18:29
jQuery before 3.0.0 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.
Categories: NVD

CVE-2017-17860

Thu, 01/18/2018 - 17:29
In Samsung Gear products, Bluetooth link key is updated to the differnet key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
Categories: NVD

CVE-2018-5776

Thu, 01/18/2018 - 17:29
WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).
Categories: NVD

CVE-2017-12197

Thu, 01/18/2018 - 16:29
It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a disabled account would be able to bypass security restrictions and possibly access sensitive information.
Categories: NVD

CVE-2018-5773

Thu, 01/18/2018 - 16:29
An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS, is flawed and does not escape the input properly. With a crafted payload, XSS can be triggered, as demonstrated by omitting the final '>' character from an IMG tag.
Categories: NVD

CVE-2017-3158

Thu, 01/18/2018 - 15:29
A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap. Such overlapping writes could cause packet data to be misread as the packet length, resulting in the remaining data being written beyond the end of a statically-allocated buffer.
Categories: NVD

CVE-2017-12729

Thu, 01/18/2018 - 14:29
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password.
Categories: NVD

CVE-2017-5170

Thu, 01/18/2018 - 14:29
An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. The attacker needs to have administrative access to the default install location in order to plant the insecure DLL. Once loaded by the application, the DLL could run malicious code at the privilege level of the application.
Categories: NVD

CVE-2016-6814

Thu, 01/18/2018 - 13:29
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.
Categories: NVD

CVE-2017-16863

Thu, 01/18/2018 - 13:29
The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a project or filter.
Categories: NVD