Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 1시간 37분 지남

CVE-2015-5601

화, 2019/07/30 - 1:15오전
edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files.

CVE-2019-1020006

화, 2019/07/30 - 12:15오전
invenio-app before 1.1.1 allows host header injection.

CVE-2019-1020007

화, 2019/07/30 - 12:15오전
Dependency-Track before 3.5.1 allows XSS.

CVE-2019-1020008

화, 2019/07/30 - 12:15오전
stacktable.js before 1.0.4 allows XSS.

CVE-2019-1020009

화, 2019/07/30 - 12:15오전
Fleet before 2.1.2 allows exposure of SMTP credentials.

CVE-2019-12613

화, 2019/07/30 - 12:15오전
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: recovery of a public key is not a security concern as per its public nature.

CVE-2019-13103

화, 2019/07/30 - 12:15오전
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.

CVE-2019-1020002

화, 2019/07/30 - 12:15오전
Pterodactyl before 0.7.14 with 2FA allows credential sniffing.

CVE-2019-1020003

화, 2019/07/30 - 12:15오전
invenio-records before 1.2.2 allows XSS.

CVE-2019-1020004

화, 2019/07/30 - 12:15오전
Tridactyl before 1.16.0 allows fake key events.

CVE-2019-1020005

화, 2019/07/30 - 12:15오전
invenio-communities before 1.0.0a20 allows XSS.

CVE-2019-1020018

월, 2019/07/29 - 11:15오후
Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via an email link.

CVE-2019-1020019

월, 2019/07/29 - 11:15오후
invenio-previewer before 1.0.0a12 allows XSS.

CVE-2019-1105

월, 2019/07/29 - 11:15오후
A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.

CVE-2019-1020015

월, 2019/07/29 - 10:15오후
graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.

CVE-2019-1020016

월, 2019/07/29 - 10:15오후
ASH-AIO before 2.0.0.3 allows an open redirect.

CVE-2019-1020017

월, 2019/07/29 - 10:15오후
Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via a user-api OTP.

CVE-2019-1020001

월, 2019/07/29 - 10:15오후
yard before 0.9.20 allows path traversal.

CVE-2019-1020010

월, 2019/07/29 - 10:15오후
Misskey before 10.102.4 allows hijacking a user's token.

CVE-2019-1020011

월, 2019/07/29 - 10:15오후
SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority.

페이지