сряда, 27 февруари 2019 г.

Weekly Update: a new vulnerability is published on the National Vulnerability Database (8 items)


New vulnerabilities from the NVD: CVE-2017-0938

Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.
Published at: February 13, 2019 at 12:29AM
View on website

February 13, 2019 at 02:15AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2018-0696

OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors.
Published at: February 13, 2019 at 08:29PM
View on website

February 13, 2019 at 10:59PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-1695

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177.
Published at: February 15, 2019 at 10:29PM
View on website

February 16, 2019 at 12:59AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-4617

Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.
Published at: February 15, 2019 at 11:29PM
View on website

February 16, 2019 at 02:59AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2015-4615

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables
Published at: February 15, 2019 at 11:29PM
View on website

February 16, 2019 at 02:59AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2013-5654

Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage
Published at: February 15, 2019 at 11:29PM
View on website

February 16, 2019 at 02:59AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2013-2565

A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
Published at: February 15, 2019 at 11:29PM
View on website

February 16, 2019 at 02:59AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2013-2516

Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.
Published at: February 15, 2019 at 11:29PM
View on website

February 16, 2019 at 02:59AM

via National Vulnerability Database

National Vulnerability Database

Manage this Applet


Няма коментари:

Публикуване на коментар