Weekly Vulnerabilities Reports > January 20 to 26, 2014
Overview
132 new vulnerabilities reported during this period, including 9 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 216 products from 78 vendors including Cisco, Redhat, Wordpress, IBM, and Apple. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Information Exposure", "Improper Input Validation", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 104 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 36 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 115 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 14 reported vulnerabilities.
- Dell has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
9 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-01-26 | CVE-2013-7248 | Franklinfueling | Credentials Management vulnerability in Franklinfueling Ts-550 EVO and Ts-550 EVO Firmware Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST. | 10.0 |
2014-01-24 | CVE-2013-5667 | Thecus | OS Command Injection vulnerability in Thecus N8800 NAS Server and N8800 NAS Server Firmware The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter. | 10.0 |
2014-01-23 | CVE-2014-0494 | Adobe | Buffer Errors vulnerability in Adobe Digital Editions 2.0.1 Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 10.0 |
2014-01-22 | CVE-2013-6343 | Asus | Buffer Errors vulnerability in Asus products Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp. | 10.0 |
2014-01-21 | CVE-2013-5986 | Nvidia | Local Privilege Escalation vulnerability in NVIDIA Graphics Driver GPU Access Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987. | 10.0 |
2014-01-21 | CVE-2013-0485 | IBM | Security vulnerability in IBM Java SDK Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries. | 10.0 |
2014-01-20 | CVE-2013-3594 | Dell | Improper Input Validation vulnerability in Dell products The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22. | 10.0 |
2014-01-25 | CVE-2014-1202 | Eviware Smartbear | Code Injection vulnerability in multiple products The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file. | 9.3 |
2014-01-21 | CVE-2013-1361 | Lenovo | DLL Loading Arbitrary Code Execution vulnerability in Lenovo Thinkpad Bluetooth With Enhanced Data Rate Software 6.4.0.2900 Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Lenovo Bluetooth. | 9.3 |
24 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-01-26 | CVE-2014-1666 | XEN | Permissions, Privileges, and Access Controls vulnerability in XEN The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors. | 8.3 |
2014-01-22 | CVE-2014-0661 | Cisco | Code Injection vulnerability in Cisco products The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796. | 8.3 |
2014-01-24 | CVE-2013-5669 | Thecus | Credentials Management vulnerability in Thecus N8800 NAS Server and N8800 NAS Server Firmware The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network. | 7.8 |
2014-01-24 | CVE-2013-5668 | Thecus | Credentials Management vulnerability in Thecus N8800 NAS Server and N8800 NAS Server Firmware The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content. | 7.8 |
2014-01-21 | CVE-2014-0753 | Ecava | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ecava Integraxor Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the IntegraXor directory. | 7.8 |
2014-01-20 | CVE-2013-3606 | Dell | Improper Input Validation vulnerability in Dell products The login page in the GoAhead web server on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device outage) via a long username. | 7.8 |
2014-01-26 | CVE-2013-4304 | Brion Vibber Mediawiki | Improper Authentication vulnerability in multiple products The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has not successfully logged in, which allows remote attackers to bypass authentication without a password. | 7.5 |
2014-01-26 | CVE-2013-7137 | Burden Project | Improper Authentication vulnerability in Burden Project Burden The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1. | 7.5 |
2014-01-25 | CVE-2014-0751 | GE | Path Traversal vulnerability in GE products Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623. | 7.5 |
2014-01-25 | CVE-2014-0750 | GE | Path Traversal vulnerability in GE products Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622. | 7.5 |
2014-01-24 | CVE-2014-1475 | Drupal | Multiple Security vulnerability in Drupal Core The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors. | 7.5 |
2014-01-24 | CVE-2013-1886 | Redhat | USE of Externally-Controlled Format String vulnerability in Redhat Certificate System and Dogtag Certificate System Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to viewing certificates. | 7.5 |
2014-01-24 | CVE-2014-1252 | Apple | Double Free vulnerability in Apple Iphone OS, mac OS X and Pages Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file. | 7.5 |
2014-01-24 | CVE-2013-5350 | Tejimaya | Improper Input Validation vulnerability in Tejimaya Openpne 3.6.13/3.8.9 The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly validate login data in HTTP Cookie headers, which allows remote attackers to conduct PHP object injection attacks, and execute arbitrary PHP code, via a crafted serialized object. | 7.5 |
2014-01-23 | CVE-2013-6934 | Live555 Videolan | Numeric Errors vulnerability in multiple products The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. | 7.5 |
2014-01-23 | CVE-2013-6933 | Live555 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Live555 Streaming Media The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) space or (2) tab character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. | 7.5 |
2014-01-22 | CVE-2014-1636 | Doug Poulin | SQL Injection vulnerability in Doug Poulin Command School Student Management System 1.06.01 Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_terms.php, (5) admin_school_years.php, (6) admin_sgrades.php, (7) admin_media_codes_1.php, (8) admin_infraction_codes.php, (9) admin_generations.php, (10) admin_relations.php, (11) admin_titles.php, or (12) health_allergies.php in sw/. | 7.5 |
2014-01-21 | CVE-2013-7219 | 2Glux | SQL Injection vulnerability in 2Glux COM Sexypolling SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter. | 7.5 |
2014-01-21 | CVE-2013-2594 | Hornbill | SQL Injection vulnerability in Hornbill Supportworks Itsm 1.0.0/3.4.14 SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter. | 7.5 |
2014-01-21 | CVE-2014-1619 | Cubicfactory | SQL Injection vulnerability in Cubicfactory Cubic CMS 5.1.1/5.1.2/5.2 Multiple SQL injection vulnerabilities in Cubic CMS 5.1.1, 5.1.2, and 5.2 allow remote attackers to execute arbitrary SQL commands via the (1) resource_id or (2) version_id parameter to recursos/agent.php or (3) login or (4) pass parameter to login.usuario. | 7.5 |
2014-01-21 | CVE-2013-5987 | Nvidia Apple | Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors. | 7.2 |
2014-01-21 | CVE-2013-2152 | Redhat | Local Privilege Escalation vulnerability in Redhat Enterprise Virtualization 3.2 Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder. | 7.2 |
2014-01-22 | CVE-2014-0662 | Cisco | Improper Input Validation vulnerability in Cisco products The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. | 7.1 |
2014-01-22 | CVE-2014-0660 | Cisco | Improper Input Validation vulnerability in Cisco Telepresence Isdn Gateway Software Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. | 7.1 |
87 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-01-26 | CVE-2013-6429 | Vmware Pivotal Software | XXE vulnerability in multiple products The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315. | 6.8 |
2014-01-25 | CVE-2014-1670 | Microsoft | Code Injection vulnerability in Microsoft Bing 4.2.0 The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS response. | 6.8 |
2014-01-24 | CVE-2013-6458 | Redhat | Race Condition vulnerability in Redhat Libvirt Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command. | 6.8 |
2014-01-24 | CVE-2014-0674 | Cisco | Improper Authentication vulnerability in Cisco Video Surveillance Operations Manager Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992. | 6.8 |
2014-01-23 | CVE-2013-7315 | Vmware Springsource | Permissions, Privileges, and Access Controls vulnerability in multiple products The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. | 6.8 |
2014-01-23 | CVE-2013-4152 | Vmware Springsource | Permissions, Privileges, and Access Controls vulnerability in multiple products The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. | 6.8 |
2014-01-23 | CVE-2013-7314 | NEC | Unspecified vulnerability in NEC products The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 6.8 |
2014-01-23 | CVE-2013-6443 | Redhat | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms and Cloudforms 3.0 Management Engine CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request. | 6.8 |
2014-01-22 | CVE-2014-0676 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. | 6.8 |
2014-01-21 | CVE-2013-6922 | Seagate | Cross-Site Request Forgery (CSRF) vulnerability in Seagate Blackarmor NAS 220 and Blackarmor NAS 220 Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts via a crafted request to admin/access_control_user_add.php; (2) modify or (3) delete user accounts; (4) perform a factory reset; (5) perform a device reboot; or (6) add, (7) modify, or (8) delete shares and volumes. | 6.8 |
2014-01-20 | CVE-2014-0010 | Moodle Fedoraproject | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields. | 6.8 |
2014-01-20 | CVE-2013-3595 | Dell | Improper Input Validation vulnerability in Dell products The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote authenticated users to cause a denial of service (device reset) via a direct request to an unspecified OSPF URL. | 6.8 |
2014-01-24 | CVE-2013-7175 | Avanset | SQL Injection vulnerability in Avanset Visual Certexam Manager Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field. | 6.5 |
2014-01-21 | CVE-2013-6872 | O DYN | SQL Injection vulnerability in O-Dyn Collabtive SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action. | 6.5 |
2014-01-23 | CVE-2014-0675 | Cisco | Credentials Management vulnerability in Cisco Telepresence Video Communication Server The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471. | 6.4 |
2014-01-22 | CVE-2014-0807 | Lockon | Access Security Bypass vulnerability in EC-CUBE data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors. | 6.4 |
2014-01-21 | CVE-2012-6634 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value. | 6.4 |
2014-01-23 | CVE-2014-1242 | Apple | Cryptographic Issues vulnerability in Apple Itunes Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream. | 5.8 |
2014-01-22 | CVE-2014-0671 | Cisco | Improper Input Validation vulnerability in Cisco Mediasense Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749. | 5.8 |
2014-01-21 | CVE-2010-5293 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match. | 5.8 |
2014-01-25 | CVE-2014-0678 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Secure Access Control System The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951. | 5.5 |
2014-01-20 | CVE-2014-0009 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 does not enforce the moodle/site:accessallgroups capability requirement for outside-group users in a SEPARATEGROUPS configuration, which allows remote authenticated users to perform "login as" actions via a direct request. | 5.5 |
2014-01-23 | CVE-2013-7313 | Juniper | Unspecified vulnerability in Juniper Junos, Junose and Screenos The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7312 | Enterasys | Unspecified vulnerability in Enterasys products The OSPF implementation on Enterasys switches and routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7311 | Checkpoint | Unspecified vulnerability in Checkpoint Gaia OS and Ipso OS The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO OS 6.2 R75.X and R76 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7310 | Yamaha | Unspecified vulnerability in Yamaha products The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7309 | Extremenetworks | Unspecified vulnerability in Extremenetworks Exos The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7308 | Dlink | Unspecified vulnerability in Dlink Des-3810-28 and Des-3810-28 Firmware The OSPF implementation on the D-Link DES-3810-28 switch with firmware R2.20.B017 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7307 | Brocade | Unspecified vulnerability in Brocade Vyatta Vrouter and Vyatta Vrouter Software The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-23 | CVE-2013-7306 | Brocade | Improper Input Validation vulnerability in Brocade products The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | 5.4 |
2014-01-24 | CVE-2013-6457 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Libvirt The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command. | 5.2 |
2014-01-26 | CVE-2014-1664 | Citrix | Information Exposure vulnerability in Citrix Gotomeeting 5.0.799.1238 The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file. | 5.0 |
2014-01-26 | CVE-2013-7299 | Tntnet | Information Exposure vulnerability in Tntnet 2.0/2.1/2.2 framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain sensitive information via a header that ends in \n instead of \r\n, which prevents a null terminator from being added and causes Tntnet to include headers from other requests. | 5.0 |
2014-01-26 | CVE-2013-7298 | Tntnet | Resource Management Errors vulnerability in Tntnet Cxxtools 2.2 query_params.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service (infinite recursion and crash) via an HTTP query that contains %% (double percent) characters. | 5.0 |
2014-01-26 | CVE-2013-6467 | Libreswan | Remote Denial of Service vulnerability in Libreswan 'IKEv2' Payloads Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | 5.0 |
2014-01-26 | CVE-2013-6466 | Xelerance | Remote Denial Of Service vulnerability in Openswan IKEv2 payloads Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | 5.0 |
2014-01-26 | CVE-2014-1673 | Checkpoint | Unspecified vulnerability in Checkpoint Session Authentication Agent Check Point Session Authentication Agent allows remote attackers to obtain sensitive information (user credentials) via unspecified vectors. | 5.0 |
2014-01-26 | CVE-2014-1626 | Galen Charlton | Permissions, Privileges, and Access Controls vulnerability in Galen Charlton Marc-Xml 1.0/1.0.1 XML External Entity (XXE) vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file. | 5.0 |
2014-01-26 | CVE-2013-7296 | Freedesktop | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freedesktop Poppler The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted PDF file. | 5.0 |
2014-01-26 | CVE-2013-7247 | Franklinfueling | Permissions, Privileges, and Access Controls vulnerability in Franklinfueling Ts-550 EVO and Ts-550 EVO Firmware cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST. | 5.0 |
2014-01-24 | CVE-2013-6030 | Emerson | Path Traversal vulnerability in Emerson Network Power Avocent Mergepoint Unity 2016 Firmware 1.9.16473 Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via unspecified vectors, as demonstrated by reading the /etc/passwd file. | 5.0 |
2014-01-23 | CVE-2013-6448 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Seam 2 Framework The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via unspecified vectors. | 5.0 |
2014-01-23 | CVE-2013-6447 | Redhat | Information Exposure vulnerability in Redhat Jboss Seam 2 Framework Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have other impacts via a crafted XML file. | 5.0 |
2014-01-22 | CVE-2014-0677 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851. | 5.0 |
2014-01-22 | CVE-2014-1637 | Doug Poulin | Information Exposure vulnerability in Doug Poulin Command School Student Management System 1.06.01 Command School Student Management System 1.06.01 does not properly restrict access to sw/backup/backup_ray2.php, which allows remote attackers to download a database backup via a direct request. | 5.0 |
2014-01-22 | CVE-2014-0669 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco ASR 5000 Series Software The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371. | 5.0 |
2014-01-21 | CVE-2013-4160 | Littlecms | Unspecified vulnerability in Littlecms Little CMS Color Engine Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed. | 5.0 |
2014-01-21 | CVE-2013-1769 | Simon Mcvittie | Cryptographic Issues vulnerability in Simon Mcvittie Telepathy Gabble A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted message. | 5.0 |
2014-01-21 | CVE-2010-5296 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action. | 4.9 |
2014-01-23 | CVE-2013-6412 | Augeas | Permissions, Privileges, and Access Controls vulnerability in Augeas 1.0.0/1.1.0 The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors. | 4.6 |
2014-01-26 | CVE-2014-1642 | XEN | Resource Management Errors vulnerability in XEN The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free. | 4.4 |
2014-01-26 | CVE-2014-0794 | Joomla | Cross-Site Scripting vulnerability in Joomla COM Jvcomment 3.0.2 SQL injection vulnerability in the JV Comment (com_jvcomment) component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php. | 4.3 |
2014-01-26 | CVE-2013-7143 | Open Xchange | Cross-Site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 allows remote attackers to inject arbitrary web script or HTML via the title in a mail filter rule. | 4.3 |
2014-01-26 | CVE-2013-7142 | Open Xchange | Cross-Site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified oAuth API functions. | 4.3 |
2014-01-26 | CVE-2013-7141 | Open Xchange | Cross-Site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to crafted "<%" tags. | 4.3 |
2014-01-26 | CVE-2013-6853 | Yahoo | Cross-site Scripting vulnerability in Yahoo Toolbar 2.5.9.2013418100420/3.1.0.20130813024103 Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that is stored by the victim. | 4.3 |
2014-01-25 | CVE-2014-0673 | Cisco | Cross-Site Scripting vulnerability in Cisco Video Surveillance Indoor Fixed Dome IP HD Camera 5010/5011 Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCud10943 and CSCud10950. | 4.3 |
2014-01-24 | CVE-2014-0028 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Libvirt libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API. | 4.3 |
2014-01-24 | CVE-2013-1885 | Redhat | Cross-Site Scripting vulnerability in Redhat Certificate System and Dogtag Certificate System Multiple cross-site scripting (XSS) vulnerabilities in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) tus/ or (2) tus/tus/. | 4.3 |
2014-01-24 | CVE-2014-0809 | Gapless Player | Path Traversal vulnerability in Gapless Player Simzip 1.1/1.2 Directory traversal vulnerability in the Gapless Player SimZip (aka Simple Zip Viewer) application before 1.2.1 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | 4.3 |
2014-01-24 | CVE-2013-7317 | CS Cart | Cross-Site Scripting vulnerability in Cs-Cart Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf. | 4.3 |
2014-01-24 | CVE-2013-7316 | Gitlab | Cross-Site Scripting vulnerability in Gitlab 6.0.0 Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html. | 4.3 |
2014-01-24 | CVE-2013-7184 | Gomlab | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gomlab GOM Player Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | 4.3 |
2014-01-23 | CVE-2012-6447 | Splunk | Cross-Site Scripting vulnerability in Splunk 5.0/5.0.1/5.0.2 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-01-23 | CVE-2014-0006 | Openstack | Information Exposure vulnerability in Openstack Swift The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack. | 4.3 |
2014-01-22 | CVE-2014-0806 | Fenrir INC | Information Exposure vulnerability in Fenrir-Inc Sleipnir Mobile The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which allows remote attackers to obtain sensitive location information via a web site that makes API calls. | 4.3 |
2014-01-22 | CVE-2013-7305 | E107 | Credentials Management vulnerability in E107 fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail account of a banned user. | 4.3 |
2014-01-22 | CVE-2013-7304 | Checkpoint | Cryptographic Issues vulnerability in Checkpoint Endpoint Security MI Server R73 3.0.0 Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client. | 4.3 |
2014-01-22 | CVE-2013-2750 | E107 | Cross-Site Scripting vulnerability in E107 Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2014-01-22 | CVE-2014-0670 | Cisco | Cross-Site Scripting vulnerability in Cisco Mediasense Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686. | 4.3 |
2014-01-22 | CVE-2013-6746 | IBM | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content Manager 4.5.1 through 5.2.0, and Case Foundation 5.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-01-21 | CVE-2013-4884 | Mcafee | Cross-Site Scripting vulnerability in Mcafee Superscan 4.0 Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report. | 4.3 |
2014-01-21 | CVE-2014-1620 | Hiox | Cross-Site Scripting vulnerability in Hiox Guest Book 5.0 Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX Guest Book (HGB) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name1, (2) email, or (3) cmt parameter. | 4.3 |
2014-01-21 | CVE-2013-6305 | IBM | Cryptographic Issues vulnerability in IBM Platform Symphony 5.2/6.1.0.1 IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key. | 4.3 |
2014-01-21 | CVE-2013-4030 | IBM | Cryptographic Issues vulnerability in IBM products Integrated Management Module (IMM) 2 1.00 through 2.00 on IBM System X and Flex System servers supports SSL cipher suites with short keys, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack against (1) SSL or (2) TLS traffic. | 4.3 |
2014-01-21 | CVE-2012-6633 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field. | 4.3 |
2014-01-21 | CVE-2010-5295 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is not properly handled during a Delete Plugin action. | 4.3 |
2014-01-21 | CVE-2010-5294 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress before 3.0.2 allow remote servers to inject arbitrary web script or HTML by providing a crafted error message for a (1) FTP or (2) SSH connection attempt. | 4.3 |
2014-01-20 | CVE-2014-0668 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control System Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949. | 4.3 |
2014-01-26 | CVE-2013-7140 | Open Xchange | Information Disclosure vulnerability in Open-Xchange AppSuite XML External Entities XML External Entity (XXE) vulnerability in the CalDAV interface in Open-Xchange (OX) AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. | 4.0 |
2014-01-26 | CVE-2014-1672 | Checkpoint | Permissions, Privileges, and Access Controls vulnerability in Checkpoint Management Server and Security Gateway Check Point R75.47 Security Gateway and Management Server does not properly enforce Anti-Spoofing when the routing table is modified and the "Get - Interfaces with Topology" action is performed, which allows attackers to bypass intended access restrictions. | 4.0 |
2014-01-24 | CVE-2014-1476 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an earlier version of Drupal, does not properly restrict access to unpublished content, which allows remote authenticated users to obtain sensitive information via a listing page. | 4.0 |
2014-01-22 | CVE-2014-0672 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Mediasense The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface. | 4.0 |
2014-01-21 | CVE-2012-2997 | F5 | Information Exposure vulnerability in F5 Big-Ip Configuration Utility XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file. | 4.0 |
2014-01-21 | CVE-2012-6635 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft. | 4.0 |
2014-01-21 | CVE-2011-5270 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role. | 4.0 |
2014-01-20 | CVE-2014-0008 | Moodle | Credentials Management vulnerability in Moodle lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report. | 4.0 |
12 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-01-26 | CVE-2013-5364 | Secunia Redhat | Permissions, Privileges, and Access Controls vulnerability in Secunia CSI Agent 6.0.0.15017/6.0.1.1007/7.0.0.21 Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file. | 3.6 |
2014-01-24 | CVE-2014-1447 | Redhat | Race Condition vulnerability in Redhat Libvirt Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. | 3.3 |
2014-01-23 | CVE-2013-7048 | Openstack | Permissions, Privileges, and Access Controls vulnerability in Openstack Nova OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots. | 3.3 |
2014-01-24 | CVE-2013-2192 | Apache | Improper Authentication vulnerability in Apache Hadoop The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication. | 3.2 |
2014-01-21 | CVE-2013-1923 | Linux NFS | Information Exposure vulnerability in Linux-Nfs Nfs-Utils rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. | 3.2 |
2014-01-24 | CVE-2013-1853 | Almanah Project | Cryptographic Issues vulnerability in Almanah Project Almanah 0.10.0/0.9.0 Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database. | 2.1 |
2014-01-23 | CVE-2013-5371 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager 6.3.1/6.4.0 The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | 2.1 |
2014-01-23 | CVE-2014-0979 | Opensuse Lightdm GTK Greeter Project | Local Denial of Service vulnerability in LightDM GTK+ Greeter The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service (NULL pointer dereference) via an empty username. | 2.1 |
2014-01-21 | CVE-2013-0157 | Kernel | Information Exposure vulnerability in Kernel Util-Linux 2.14.1/2.17.2 (a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists. | 2.1 |
2014-01-21 | CVE-2013-5429 | IBM | Improper Authentication vulnerability in IBM Tivoli Federated Identity Manager The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it easier for remote authenticated users to complete transactions by leveraging access to an already-used token. | 2.1 |
2014-01-21 | CVE-2010-5297 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances via an add action after a temporary change. | 2.1 |
2014-01-26 | CVE-2013-6891 | Apple Canonical | Link Following vulnerability in multiple products lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. | 1.2 |