Weekly Vulnerabilities Reports > May 12 to 18, 2014
Overview
126 new vulnerabilities were reported during this period, including 21 critical and 28 high-severity vulnerabilities. This weekly summary reports vulnerabilities in 132 products from 73 vendors, including Microsoft, Adobe, Apple, MediaWiki and Canonical. Notable weakness categories are "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-Site Request Forgery (CSRF)" and "Improper Input Validation".
- 120 reported vulnerabilities are remotely exploitable.
- 12 reported vulnerabilities have a public exploit available.
- 36 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 109 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities (27).
- Microsoft has the most reported critical vulnerabilities (14).
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
21 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-05-16 | CVE-2014-0749 | Adaptivecomputing | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adaptivecomputing Torque Resource Manager Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x through 2.5.13 allows remote attackers to execute arbitrary code via a large count value. | 10.0 |
2014-05-15 | CVE-2013-4730 | Pcman S FTP Server Project | Buffer Errors vulnerability in Pcman'S FTP Server Project Pcman'S FTP Server 2.0.7 Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command. | 10.0 |
2014-05-14 | CVE-2014-1806 | Microsoft | Code Injection vulnerability in Microsoft .Net Framework The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel Vulnerability." | 10.0 |
2014-05-14 | CVE-2014-0529 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2014-05-14 | CVE-2014-0528 | Adobe Apple Microsoft | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2014-05-14 | CVE-2014-0527 | Adobe Apple Microsoft | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2014-05-14 | CVE-2014-0526 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524. | 10.0 |
2014-05-14 | CVE-2014-0525 | Adobe Apple Microsoft | Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat and Acrobat Reader The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls. | 10.0 |
2014-05-14 | CVE-2014-0524 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526. | 10.0 |
2014-05-14 | CVE-2014-0523 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and CVE-2014-0526. | 10.0 |
2014-05-14 | CVE-2014-0522 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526. | 10.0 |
2014-05-14 | CVE-2014-0513 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Illustrator Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2014-05-14 | CVE-2014-2405 | Oracle Canonical Debian | Remote Security vulnerability in Oracle Openjdk 1.6.0 Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. | 10.0 |
2014-05-14 | CVE-2014-1849 | Foscam | Credentials Management vulnerability in Foscam IP Camera Firmware 11.37.2.49 Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server. | 10.0 |
2014-05-14 | CVE-2014-0462 | Oracle Canonical Debian | Remote Security vulnerability in Oracle Openjdk 1.6.0 Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. | 10.0 |
2014-05-14 | CVE-2014-2046 | Broadcom | Cryptographic Issues vulnerability in Broadcom Pipa C211 and Pipa C211 web Interface cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors. | 9.7 |
2014-05-14 | CVE-2014-1815 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310. | 9.3 |
2014-05-14 | CVE-2014-1756 | Microsoft | Remote Code Execution vulnerability in Microsoft Office 2007/2010/2013 Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1, when the Simplified Chinese Proofing Tool is enabled, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Microsoft Office Chinese Grammar Checking Vulnerability" (CWE-426: Untrusted Search Path, http://cwe.mitre.org/data/definitions/426.html). | 9.3 |
2014-05-14 | CVE-2014-0310 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815. | 9.3 |
2014-05-14 | CVE-2014-1812 | Microsoft | Credentials Management vulnerability in Microsoft products The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability." | 9.0 |
2014-05-14 | CVE-2014-0251 | Microsoft | Code Injection vulnerability in Microsoft products Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gold and SP1; SharePoint Server 2013 Client Components SDK; and SharePoint Designer 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerability." | 9.0 |
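CVE-2014-1812 in the table above is the exposure of Group Policy Preference passwords through the SYSVOL share, which every domain user can read. The check a domain administrator runs for it is a scan of the preference XML files for a `cpassword` attribute. The script below is an added example and is not Microsoft's code or part of this report; the `Groups.xml` content, the GPO path and the `cpassword` value are constructed for the demo, while the file names and attribute names follow the GPP schema.

```python
"""Scan Group Policy Preference XML for embedded cpassword values.

Added example (not from the report or from Microsoft): CVE-2014-1812 is the
exposure of GPP passwords through the domain-readable SYSVOL share, and this
is the check a domain admin runs to find them. The XML and the paths are
constructed for the demo; attribute names follow the GPP schema.
"""
import os
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample of a Groups.xml preference item; the cpassword value is
# a placeholder, not ciphertext from a real domain.
SAMPLE_GROUPS_XML = """<?xml version="1.0" encoding="utf-8"?>
<Groups clsid="{3125E937-EB16-4b4c-9934-544FC6D24D26}">
  <User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}" name="localadmin">
    <Properties action="U" userName="localadmin"
                cpassword="c29tZS1jb25zdHJ1Y3RlZC1jaXBoZXJ0ZXh0"/>
  </User>
  <User clsid="{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}" name="svc-backup">
    <Properties action="C" userName="svc-backup" cpassword=""/>
  </User>
</Groups>
"""

# Preference files whose schema allows a cpassword attribute.
GPP_FILES = {"Groups.xml", "Services.xml", "ScheduledTasks.xml",
             "DataSources.xml", "Drives.xml", "Printers.xml"}


def find_cpasswords(xml_text):
    """Return (account, cpassword) for every element with a non-empty cpassword."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        cp = elem.get("cpassword")
        if cp:  # an empty cpassword means no password is stored in this item
            account = (elem.get("userName") or elem.get("accountName")
                       or elem.get("runAs") or elem.get("username") or "?")
            findings.append((account, cp))
    return findings


def scan_sysvol(sysvol_root):
    """Walk a SYSVOL tree (a mounted share or a copy) and collect every cpassword."""
    hits = []
    for dirpath, _dirs, files in os.walk(sysvol_root):
        for name in files:
            if name not in GPP_FILES:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8-sig") as fh:
                    text = fh.read()
            except OSError:
                continue
            try:
                found = find_cpasswords(text)
            except ET.ParseError:
                continue  # malformed preference file; report it separately if needed
            hits.extend((path, account, cp) for account, cp in found)
    return hits


def demo_scan():
    """Build a throw-away SYSVOL-like tree from the sample and scan it."""
    root = tempfile.mkdtemp(prefix="sysvol-demo-")
    gpp_dir = os.path.join(root, "Policies", "{GPO-GUID}",
                           "Machine", "Preferences", "Groups")
    os.makedirs(gpp_dir)
    with open(os.path.join(gpp_dir, "Groups.xml"), "w", encoding="utf-8") as fh:
        fh.write(SAMPLE_GROUPS_XML)
    return scan_sysvol(root)


if __name__ == "__main__":
    for path, account, cp in demo_scan():
        print("cpassword for %s in %s: %s" % (account, path, cp))
```

On a real domain, point `scan_sysvol()` at the `Policies` directory of a mounted SYSVOL share. Every hit is effectively a cleartext credential, because the AES key that protects `cpassword` is published in Microsoft's own documentation; the fix is to remove the preference item and rotate the password, since the Microsoft update for this issue stops new passwords from being saved but does not delete items already in SYSVOL.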
28 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-05-17 | CVE-2014-2084 | Skyboxsecurity | Permissions, Privileges, and Access Controls vulnerability in Skyboxsecurity Skybox View Appliance and Skybox View Appliance ISO Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, and 6.4.46-2.57 does not properly restrict access to the Admin interface, which allows remote attackers to obtain sensitive information via a request to (1) scripts/commands/getSystemInformation or (2) scripts/commands/getNetworkConfigurationInfo, cause a denial of service (reboot) via a request to scripts/commands/reboot, or cause a denial of service (shutdown) via a request to scripts/commands/shutdown. | 8.5 |
2014-05-14 | CVE-2014-1813 | Microsoft | Code Injection vulnerability in Microsoft web Applications 2010 Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability." | 8.5 |
2014-05-16 | CVE-2014-0782 | Yokogawa | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Yokogawa products Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. | 8.3 |
2014-05-16 | CVE-2014-1649 | Symantec | Permissions, Privileges, and Access Controls vulnerability in Symantec Workspace Streaming 6.1/7.5.0 The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS. | 7.9 |
2014-05-16 | CVE-2014-0643 | EMC | Improper Authentication vulnerability in EMC RSA Netwitness and RSA Security Analytics EMC RSA NetWitness before 9.8.5.19 and RSA Security Analytics before 10.2.4 and 10.3.x before 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote attackers to bypass authentication by leveraging knowledge of a valid account name. | 7.6 |
2014-05-14 | CVE-2014-3121 | Marc Lehmann | OS Command Injection vulnerability in Marc Lehmann Rxvt-Unicode rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands. | 7.6 |
2014-05-16 | CVE-2014-1613 | Dotclear | Code Injection vulnerability in Dotclear Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/public/lib.urlhandlers.php or (2) plugins/pages/_public.php. | 7.5 |
2014-05-16 | CVE-2014-3759 | Karlen Walter | SQL Injection vulnerability in Karlen Walter SI Bibtex 0.2.3 Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality. | 7.5 |
2014-05-15 | CVE-2014-3757 | Phpmanufaktur | SQL Injection vulnerability in PHPmanufaktur Kitform SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter. | 7.5 |
2014-05-15 | CVE-2014-0211 | Canonical X | Numeric Errors vulnerability in multiple products Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. | 7.5 |
2014-05-15 | CVE-2014-0210 | X Canonical | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_setup, (2) fs_read_open_font, (3) fs_read_query_info, (4) fs_read_extent_info, (5) fs_read_glyphs, (6) fs_read_list, or (7) fs_read_list_info function. | 7.5 |
2014-05-14 | CVE-2013-2226 | Glpi Project | SQL Injection vulnerability in Glpi-Project Glpi Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to ajax/comments.php. | 7.5 |
2014-05-14 | CVE-2014-0520 | Adobe Apple Microsoft Linux | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0519. | 7.5 |
2014-05-14 | CVE-2014-0519 | Adobe Apple Microsoft Linux | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0520. | 7.5 |
2014-05-14 | CVE-2014-0518 | Adobe Apple Microsoft Linux | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520. | 7.5 |
2014-05-14 | CVE-2014-0517 | Adobe Apple Microsoft Linux | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0518, CVE-2014-0519, and CVE-2014-0520. | 7.5 |
2014-05-14 | CVE-2014-0516 | Adobe Apple Microsoft Linux | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors. | 7.5 |
2014-05-14 | CVE-2014-1909 | Google Opensuse | Numeric Errors vulnerability in multiple products Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow. | 7.5 |
2014-05-13 | CVE-2013-4552 | Drupalauth Project | Improper Authentication vulnerability in Drupalauth Project Drupalauth 1.2.1 lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for simpleSAMLphp allows remote attackers to authenticate as an arbitrary user via the user name (uid) in a cookie. | 7.5 |
2014-05-13 | CVE-2011-4970 | Disk Pool Manager Project | SQL Injection vulnerability in Disk Pool Manager Project Disk Pool Manager 1.8.2/1.8.3/1.8.5 Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI UDM, allow remote attackers to execute arbitrary SQL commands via the (1) r_token variable in the dpm_get_pending_req_by_token, (2) dpm_get_cpr_by_fullid, (3) dpm_get_cpr_by_surl, (4) dpm_get_cpr_by_surls, (5) dpm_get_gfr_by_fullid, (6) dpm_get_gfr_by_surl, (7) dpm_get_pfr_by_fullid, (8) dpm_get_pfr_by_surl, (9) dpm_get_req_by_token, (10) dpm_insert_cpr_entry, (11) dpm_insert_gfr_entry, (12) dpm_insert_pending_entry, (13) dpm_insert_pfr_entry, (14) dpm_insert_xferreq_entry, (15) dpm_list_cpr_entry, (16) dpm_list_gfr_entry, or (17) dpm_list_pfr_entry function; the (18) surl variable in the dpm_get_cpr_by_surl function; the (19) to_surl variable in the dpm_get_cpr_by_surls function; the (20) u_token variable in the dpm_get_pending_reqs_by_u_desc, (21) dpm_get_reqs_by_u_desc, (22) dpm_get_spcmd_by_u_desc, (23) dpm_insert_pending_entry, (24) dpm_insert_spcmd_entry, or (25) dpm_insert_xferreq_entry function; the (26) s_token variable in the dpm_get_spcmd_by_token, (27) dpm_insert_cpr_entry, (28) dpm_insert_gfr_entry, (29) dpm_insert_pfr_entry, (30) dpm_insert_spcmd_entry, (31) dpm_update_cpr_entry, (32) dpm_update_gfr_entry, or (33) dpm_update_pfr_entry function; or remote administrators to execute arbitrary SQL commands via the (34) poolname variable in the dpm_get_pool_entry, (35) dpm_insert_fs_entry, (36) dpm_insert_pool_entry, (37) dpm_insert_spcmd_entry, (38) dpm_list_fs_entry, or (39) dpm_update_spcmd_entry function. | 7.5 |
2014-05-12 | CVE-2013-6453 | Mediawiki | Improper Input Validation vulnerability in Mediawiki MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML. | 7.5 |
2014-05-12 | CVE-2013-5671 | Mark Evans | Unspecified vulnerability in Mark Evans Fog-Dragonfly 0.8.2 lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors. | 7.5 |
2014-05-12 | CVE-2013-4571 | Mediawiki | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mediawiki Buffer overflow in php-luasandbox in the Scribunto extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 has unspecified impact and remote vectors. | 7.5 |
2014-05-14 | CVE-2014-1807 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly implement file associations, which allows local users to gain privileges via a crafted application, as exploited in the wild in May 2014, aka "Windows Shell File Association Vulnerability." | 7.2 |
2014-05-16 | CVE-2014-0964 | IBM | Resource Management Errors vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. | 7.1 |
2014-05-16 | CVE-2014-0918 | IBM | Path Traversal vulnerability in IBM Websphere Portal Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL. | 7.1 |
2014-05-14 | CVE-2014-3127 | Debian | Path Traversal vulnerability in Debian Dpkg dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. | 7.1 |
2014-05-12 | CVE-2014-2928 | F5 | Remote Command Injection vulnerability in Multiple F5 BIG-IP Products The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request. | 7.1 |
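CVE-2014-2928 (shell metacharacters in the `hostname` element of a SOAP request) is the last entry above, and the same pattern, untrusted input pasted into a command line that a shell parses, recurs in several entries of this report. The example below is added here and is not F5's or any listed vendor's code; `echo` stands in for the real hostname-setting command so the demo is harmless, and the payloads are constructed. It shows the bug, the quoting-only mitigation, and the allow-list-plus-argv form that removes the shell from the path.

```python
"""Shell metacharacter injection, the pattern named in CVE-2014-2928 (hostname
element in a SOAP request) and in the other command-injection entries of this
report. Added example in Python, not any vendor's code; 'echo' stands in for
the real hostname-setting command and the payloads are constructed.
"""
import re
import shlex
import subprocess

# RFC 1123 host-name shape: dot-separated labels of letters, digits and inner hyphens.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def _run(argv_or_cmd, use_shell):
    """Run a command and return its stdout (POSIX /bin/sh when use_shell is True)."""
    proc = subprocess.run(argv_or_cmd, shell=use_shell, capture_output=True, text=True)
    return proc.stdout


def set_hostname_vulnerable(hostname):
    """The bug: untrusted input is pasted into a command line parsed by /bin/sh,
    so ';', '|', '$()' and backticks in the value become shell syntax."""
    return _run("echo hostname set to %s" % hostname, use_shell=True)


def set_hostname_quoted(hostname):
    """Partial fix: shlex.quote() makes the input a single shell word, so the
    metacharacters are literal. A shell is still involved, and nothing stops a
    malformed value from reaching the real tool."""
    return _run("echo hostname set to %s" % shlex.quote(hostname), use_shell=True)


def set_hostname_hardened(hostname):
    """Allow-list validation plus an argv list: no shell parses the value at all."""
    if not HOSTNAME_RE.match(hostname):
        raise ValueError("invalid hostname: %r" % hostname)
    return _run(["echo", "hostname set to", hostname], use_shell=False)


if __name__ == "__main__":
    payload = "lb1; echo INJECTED"  # constructed attacker-controlled value
    print(set_hostname_vulnerable(payload), end="")  # second output line: INJECTED
    print(set_hostname_quoted(payload), end="")      # payload echoed verbatim
    try:
        set_hostname_hardened(payload)
    except ValueError as exc:
        print("rejected:", exc)
```

The vulnerable function prints a second line, `INJECTED`, because `/bin/sh` treats the `;` as a command separator; the quoted form echoes the payload as one argument; the hardened form rejects it before any process is spawned. Prefer the last form: an argv list needs no quoting logic, and the allow-list keeps values the downstream tool would misinterpret (leading `-`, for instance) out entirely.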
72 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-05-14 | CVE-2014-2591 | BMC | Privilege Escalation vulnerability in BMC Patrol Agent 3.9.00 Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. | 6.9 |
2014-05-16 | CVE-2013-7379 | Ucdok | Improper Authentication vulnerability in Ucdok Tomato 0.0.5 The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in the access-key header that partially matches config.master.api.access_key. | 6.8 |
2014-05-16 | CVE-2014-0933 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server Metadata Workbench Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Information Server Metadata Workbench 8.1 through 9.1 allows remote attackers to hijack the authentication of arbitrary users. | 6.8 |
2014-05-14 | CVE-2013-7376 | Openx | Cross-Site Request Forgery (CSRF) vulnerability in Openx 2.8.10 Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than CVE-2013-3514. | 6.8 |
2014-05-14 | CVE-2013-2700 | Webmaster Source | Cross-Site Request Forgery (CSRF) vulnerability in Webmaster-Source Wp125 Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 plugin before 1.5.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad via unspecified vectors. | 6.8 |
2014-05-14 | CVE-2014-1809 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Office 2007/2010/2013 The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1 makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, as exploited in the wild in May 2014, aka "MSCOMCTL ASLR Vulnerability." | 6.8 |
2014-05-14 | CVE-2011-2514 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Icedtea-Web and Icedtea6 The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted. | 6.8 |
2014-05-13 | CVE-2013-4562 | Madeofcode | Cross-Site Request Forgery (CSRF) vulnerability in Madeofcode Omniauth-Facebook 1.4.1 The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter. | 6.8 |
2014-05-13 | CVE-2014-2989 | Open Assessment Technologies | Cross-Site Request Forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a request to Users/add. | 6.8 |
2014-05-13 | CVE-2013-2705 | Tipsandtricks HQ | Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq Wordpress Simple Paypal Shopping Cart Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings. | 6.8 |
2014-05-13 | CVE-2013-2692 | Openvpn | Cross-Site Request Forgery (CSRF) vulnerability in Openvpn Access Server 1.5.6 Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users. | 6.8 |
2014-05-13 | CVE-2012-6342 | Atlassian | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Confluence Server 3.4.6 Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user via a comment. | 6.8 |
2014-05-12 | CVE-2014-3455 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) CreateProperty, (2) CreateTemplate, (3) CreateForm, and (4) CreateClass special pages in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allow remote attackers to hijack the authentication of users for requests that have unspecified impact and vectors. | 6.8 |
2014-05-12 | CVE-2014-3454 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cross-site request forgery (CSRF) vulnerability in Special:CreateCategory in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to hijack the authentication of users for requests that create categories via unspecified vectors. | 6.8 |
2014-05-12 | CVE-2013-5748 | Simplerisk | Cross-Site Request Forgery (CSRF) vulnerability in Simplerisk 20130915001 Cross-site request forgery (CSRF) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to hijack the authentication of users for requests that add projects via an add_project action. | 6.8 |
2014-05-12 | CVE-2013-4581 | Gitlab | Code Injection vulnerability in Gitlab and Gitlab-Shell GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. | 6.8 |
2014-05-12 | CVE-2013-4580 | Gitlab | Improper Authentication vulnerability in Gitlab GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls. | 6.8 |
2014-05-17 | CVE-2013-4489 | Gitlab | Remote Code Execution vulnerability in GitLab 'Code Search' Feature The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature. | 6.5 |
2014-05-17 | CVE-2014-3453 | Flag Module Project | Code Injection vulnerability in Flag Module Project Flag Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export.inc in the Flag module 7.x-3.0, 7.x-3.5, and earlier for Drupal allows remote authenticated administrators to execute arbitrary PHP code via the "Flag import code" text area to admin/structure/flags/import. | 6.5 |
2014-05-14 | CVE-2013-4468 | Vicidial | Command Injection vulnerability in VICIDIAL 'manager_send.php' VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php. | 6.5 |
2014-05-13 | CVE-2013-4546 | Gitlab | Unspecified vulnerability in Gitlab and Gitlab-Shell The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. | 6.5 |
2014-05-13 | CVE-2013-4490 | Gitlab | Remote Code Execution vulnerability in GitLab 'SSH key upload' Feature The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key. | 6.5 |
2014-05-13 | CVE-2014-3246 | O DYN | SQL Injection vulnerability in O-Dyn Collabtive 1.2 SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php. | 6.5 |
2014-05-16 | CVE-2014-1418 | Djangoproject Canonical | Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers. | 6.4 |
2014-05-14 | CVE-2013-5655 | Xiaowen Huang | Path Traversal vulnerability in Xiaowen Huang Yingzhi Python Programming Language 1.9 Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. | 6.4 |
2014-05-12 | CVE-2013-5984 | Microweber | Path Traversal vulnerability in Microweber 0.8 Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. | 6.4 |
2014-05-16 | CVE-2014-3750 | Bilyoner | Cryptographic Issues vulnerability in Bilyoner 2.1.1/4.6 The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2014-05-14 | CVE-2013-4471 | Openstack | Improper Authentication vulnerability in Openstack Horizon 2013.1/2013.2 The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user. | 5.5 |
2014-05-16 | CVE-2014-3263 | Cisco | Improper Input Validation vulnerability in Cisco IOS 15.3(3)M/15.3M The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038. | 5.4 |
2014-05-17 | CVE-2013-7382 | Vicidial | Credentials Management vulnerability in Vicidial 2.7/2.8 VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access. | 5.0 |
2014-05-16 | CVE-2014-3742 | Spumko Project | Resource Management Errors vulnerability in Spumko Project Hapi Server Framework 2.0.0/2.1.1/2.1.2 The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors. | 5.0 |
2014-05-14 | CVE-2014-3430 | Dovecot | Improper Authentication vulnerability in Dovecot Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. | 5.0 |
2014-05-14 | CVE-2014-0256 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012 Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability." | 5.0 |
2014-05-14 | CVE-2014-0255 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012 Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability." | 5.0 |
2014-05-14 | CVE-2011-2513 | Redhat | Information Exposure vulnerability in Redhat Icedtea-Web and Icedtea6 The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader. | 5.0 |
2014-05-13 | CVE-2013-4501 | Quiz Module Project | Permissions, Privileges, and Access Controls vulnerability in Quiz Module Project Quiz The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allow remote attackers to obtain sensitive quiz results via unspecified vectors. | 5.0 |
2014-05-12 | CVE-2014-3243 | Makina Corpus | Buffer Errors vulnerability in Makina-Corpus Soappy 0.12.5 SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing a large number of nested entity references. | 5.0 |
2014-05-12 | CVE-2014-3242 | Makina Corpus | Information Exposure vulnerability in Makina-Corpus Soappy 0.12.5 SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
2014-05-12 | CVE-2014-2301 | Bscw | Information Exposure vulnerability in Bscw 5.0.7 OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/. | 5.0 |
2014-05-12 | CVE-2013-6472 | Mediawiki | Information Exposure vulnerability in Mediawiki MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted pages via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists. | 5.0 |
2014-05-12 | CVE-2013-4570 | Mediawiki | Unspecified vulnerability in Mediawiki The zend_inline_hash_func function in php-luasandbox in the Scribunto extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to converting Lua data structures to PHP, as demonstrated by passing { [{}] = 1 } to a module function. | 5.0 |
2014-05-13 | CVE-2013-4500 | Quiz Module Project | Permissions, Privileges, and Access Controls vulnerability in Quiz Module Project Quiz The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option. | 4.9 |
2014-05-15 | CVE-2014-0209 | X Canonical | Numeric Errors vulnerability in multiple products Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a directory with a large fonts.dir or fonts.alias file to the font path, which triggers a heap-based buffer overflow, related to metadata. | 4.6 |
2014-05-18 | CVE-2014-1347 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Itunes Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. | 4.4 |
2014-05-16 | CVE-2014-3730 | Canonical Djangoproject Opensuse Debian | Improper Input Validation vulnerability in multiple products The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com." | 4.3 |
2014-05-16 | CVE-2014-3452 | Codecguide | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Codecguide K-Lite Codec Pack Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .jpg file. | 4.3 |
2014-05-16 | CVE-2014-3758 | Karlen Walter | Cross-Site Scripting vulnerability in Karlen Walter SI Bibtex 0.2.3 Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality. | 4.3 |
2014-05-16 | CVE-2014-3262 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782. | 4.3 |
2014-05-16 | CVE-2014-0917 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Portal Cross-site scripting (XSS) vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-05-15 | CVE-2014-3247 | O DYN | Cross-Site Scripting vulnerability in O-Dyn Collabtive 1.2 Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php. | 4.3 |
2014-05-15 | CVE-2013-0197 | Mantisbt | Cross-Site Scripting vulnerability in Mantisbt 1.2.12/1.2.13 Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php. | 4.3 |
2014-05-14 | CVE-2014-3443 | Jetaudio | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Jetaudio JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file. | 4.3 |
2014-05-14 | CVE-2014-3441 | Videolan | Buffer Errors vulnerability in Videolan VLC Media Player 2.1.3 codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. | 4.3 |
2014-05-14 | CVE-2014-3146 | Lxml | Unspecified vulnerability in Lxml Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function. | 4.3 |
2014-05-14 | CVE-2014-1603 | GET Simple | Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.1 Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.php. | 4.3 |
2014-05-14 | CVE-2013-5939 | Phpcms | Cross-Site Scripting vulnerability in PHPCMS Guestbook Module Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the (1) list or (2) introduce parameter to index.php. | 4.3 |
2014-05-14 | CVE-2013-3514 | Openx | Path Traversal vulnerability in Openx Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. | 4.3 |
2014-05-14 | CVE-2013-2087 | Galleryproject | Cross-Site Scripting vulnerability in Galleryproject Gallery Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) movie title to modules/gallery/controllers/movies.php or (2) key variable to modules/gallery/views/error_admin.html.php. | 4.3 |
2014-05-14 | CVE-2013-1765 | Smart FLV Plugin Project | Cross-Site Scripting vulnerability in Smart-Flv Plugin Project Smart-Flv Multiple cross-site scripting (XSS) vulnerabilities in jwplayer.swf in the smart-flv plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) link or (2) playerready parameter. | 4.3 |
2014-05-14 | CVE-2011-5249 | Intersectalliance | Cross-Site Scripting vulnerability in Intersectalliance System Intrusion Analysis and Reporting Environment Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command. | 4.3 |
2014-05-14 | CVE-2014-1808 | Microsoft | Information Exposure vulnerability in Microsoft Office 2013 Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability." | 4.3 |
2014-05-14 | CVE-2014-1754 | Microsoft | Cross-Site Scripting vulnerability in Microsoft products Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability." | 4.3 |
2014-05-14 | CVE-2014-0521 | Adobe Apple Microsoft | Information Exposure vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document. | 4.3 |
2014-05-14 | CVE-2011-4407 | Canonical | Improper Input Validation vulnerability in Canonical Software-Properties and Ubuntu Linux ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository. | 4.3 |
2014-05-13 | CVE-2014-3456 | Gitlab | Cross-Site Scripting vulnerability in Gitlab 6.6.0/6.6.1 Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-05-13 | CVE-2013-1407 | Netweblogic | Cross-Site Scripting vulnerability in Netweblogic Events Manager and Events Manager PRO Multiple cross-site scripting (XSS) vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) scope parameter to index.php; (2) user_name, (3) dbem_phone, (4) user_email, or (5) booking_comment parameter to an event with registration enabled; or the (6) _wpnonce parameter to wp-admin/edit.php. | 4.3 |
2014-05-12 | CVE-2013-6454 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via a -o-link attribute. | 4.3 |
2014-05-12 | CVE-2013-6452 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an SVG file. | 4.3 |
2014-05-12 | CVE-2013-5749 | Simplerisk | Cross-Site Scripting vulnerability in Simplerisk 20130915001 Cross-site scripting (XSS) vulnerability in management/prioritize_planning.php in SimpleRisk before 20130916-001 allows remote attackers to inject arbitrary web script or HTML via the new_project parameter. | 4.3 |
2014-05-12 | CVE-2013-4574 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos. | 4.3 |
2014-05-14 | CVE-2014-3225 | Cobblerd | Path Traversal vulnerability in Cobblerd Cobbler Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile. | 4.0 |
2014-05-13 | CVE-2013-4502 | Nathan Haug Drupal | Permissions, Privileges, and Access Controls vulnerability in Nathan Haug Filefield Sources The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by attaching a file. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-05-13 | CVE-2013-4504 | Monster Menus Module Project Drupal | Permissions, Privileges, and Access Controls vulnerability in Monster Menus Module Project Monster Menus The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node comments via a crafted URL. | 2.6 |
2014-05-17 | CVE-2013-4498 | Florian Weber Drupal | Permissions, Privileges, and Access Controls vulnerability in Florian Weber Spaces The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content" permission to obtain sensitive information via vectors involving a rebuild access for the site or content. | 2.1 |
2014-05-15 | CVE-2013-1810 | Mantisbt | Cross-Site Scripting vulnerability in Mantisbt 1.2.12 Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a (1) category name in the summary_print_by_category function or (2) project name in the summary_print_by_project function. | 2.1 |
2014-05-14 | CVE-2013-4455 | Katello | Permissions, Privileges, and Access Controls vulnerability in Katello Installer Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello-node.key when deploying a child Pulp node, which allows local users to obtain the private key by reading the file. | 2.1 |
2014-05-13 | CVE-2013-4503 | Feed Element Mapper Project | Cross-Site Scripting vulnerability in Feed Element Mapper Project Feed Element Mapper Cross-site scripting (XSS) vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options. | 2.1 |