Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 3시간 53분 지남

CVE-2019-6149

월, 2019/03/18 - 10:32오전
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.

CVE-2018-15509

월, 2019/03/18 - 10:32오전
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).

CVE-2018-20806

월, 2019/03/18 - 8:32오전
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).

CVE-2019-5616

토, 2019/03/16 - 6:29오전
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.

CVE-2018-17882

토, 2019/03/16 - 5:29오전
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.

CVE-2018-17955

토, 2019/03/16 - 5:29오전
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection

CVE-2018-17956

토, 2019/03/16 - 5:29오전
In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list

CVE-2018-18205

토, 2019/03/16 - 5:29오전
Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie.

CVE-2018-20106

토, 2019/03/16 - 5:29오전
In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.

CVE-2018-20174

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function ui_clip_handle_data() that results in an information leak.

CVE-2018-20175

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).

CVE-2018-20176

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain several Out-Of- Bounds Reads in the file secure.c that result in a Denial of Service (segfault).

CVE-2018-20177

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.

CVE-2018-20178

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in the function process_demand_active() that results in a Denial of Service (segfault).

CVE-2018-20179

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function lspci_process() and results in memory corruption and probably even a remote code execution.

CVE-2018-20180

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbg_process() and results in memory corruption and probably even a remote code execution.

CVE-2018-20181

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamless_process() and results in memory corruption and probably even a remote code execution.

CVE-2018-20182

토, 2019/03/16 - 3:29오전
rdesktop versions up to and including v1.8.3 contain a Buffer Overflow over the global variables in the function seamless_process_line() that results in memory corruption and probably even a remote code execution.

CVE-2019-9835

토, 2019/03/16 - 3:29오전
The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitimate communication uses AES encryption.

CVE-2019-9831

토, 2019/03/16 - 2:29오전
The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests.

페이지