Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 4시간 25분 지남

CVE-2019-7957

토, 2019/08/17 - 2:15오전
Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.

CVE-2019-7958

토, 2019/08/17 - 2:15오전
Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.

CVE-2019-7959

토, 2019/08/17 - 2:15오전
Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-7964

토, 2019/08/17 - 2:15오전
Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.

CVE-2019-5477

토, 2019/08/17 - 1:15오전
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsafe user input as the filename. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4.

CVE-2019-15119

토, 2019/08/17 - 12:15오전
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.

CVE-2019-15120

토, 2019/08/17 - 12:15오전
The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode.

CVE-2019-15118

금, 2019/08/16 - 11:15오후
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

CVE-2015-9325

금, 2019/08/16 - 11:15오후
The visitors-online plugin before 0.4 for WordPress has SQL injection.

CVE-2015-9326

금, 2019/08/16 - 11:15오후
The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.

CVE-2016-10904

금, 2019/08/16 - 11:15오후
The olimometer plugin before 2.57 for WordPress has SQL injection.

CVE-2017-18548

금, 2019/08/16 - 11:15오후
The note-press plugin before 0.1.2 for WordPress has SQL injection.

CVE-2018-13884

금, 2019/08/16 - 11:15오후
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.

CVE-2019-15117

금, 2019/08/16 - 11:15오후
parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access.

CVE-2019-14923

금, 2019/08/16 - 10:15오후
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.

CVE-2019-15091

금, 2019/08/16 - 10:15오후
filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload.

페이지