Weekly Vulnerabilities Reports > May 19 to 25, 2014

Overview

141 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 119 products from 71 vendors including Apple, Cisco, Google, IBM, and Wordpress. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "Cryptographic Issues".

  • 126 reported vulnerabilities are remotely exploitables.
  • 13 reported vulnerabilities have public exploit available.
  • 34 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 122 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • Juniper has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-21 CVE-2012-1166 Canonical OS Command Injection vulnerability in Canonical Ltsp Display Manager and Ubuntu Linux

The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.

10.0
2014-05-20 CVE-2014-3791 Efssoft Buffer Errors vulnerability in Efssoft Easy File Sharing web Server 6.8

Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.

10.0
2014-05-20 CVE-2014-3412 Juniper Remote Code Execution vulnerability in Juniper products

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.

10.0
2014-05-19 CVE-2014-3411 Juniper Remote Code Execution vulnerability in Juniper products

Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors.

10.0
2014-05-22 CVE-2014-1770 Microsoft Resource Management Errors vulnerability in Microsoft Internet Explorer

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.

9.3
2014-05-20 CVE-2014-3444 Realnetworks Code Injection vulnerability in Realnetworks Realplayer

The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.

9.3
2014-05-20 CVE-2013-7383 X2Go Permissions, Privileges, and Access Controls vulnerability in X2Go Server

x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.

9.0

19 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-23 CVE-2013-1668 Coscms OS Command Injection vulnerability in Coscms 1.3/1.41

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.

8.5
2014-05-22 CVE-2014-2938 Hanon Improper Authentication vulnerability in Hanon products

Hanvon FaceID before 1.007.110 does not require authentication, which allows remote attackers to modify access-control and attendance-tracking data via API commands.

8.3
2014-05-23 CVE-2013-2757 Citrix Permissions, Privileges, and Access Controls vulnerability in Citrix Cloudplatform

Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecified impact via unknown vectors.

7.5
2014-05-22 CVE-2014-3789 Cogentdatahub Code Injection vulnerability in Cogentdatahub Cogent Datahub

GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors.

7.5
2014-05-22 CVE-2014-3788 Cogentdatahub Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cogentdatahub Cogent Datahub

Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request.

7.5
2014-05-22 CVE-2014-2350 Emerson Credentials Management vulnerability in Emerson Deltav

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.

7.5
2014-05-22 CVE-2014-3775 Libgadu Improper Input Validation vulnerability in Libgadu 1.12.0

libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.

7.5
2014-05-21 CVE-2014-3152 Fedoraproject
Google
Numeric Errors vulnerability in multiple products

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value.

7.5
2014-05-21 CVE-2014-1749 Google Unspecified vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916.114 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2014-05-21 CVE-2014-1745 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp.

7.5
2014-05-21 CVE-2014-1744 Google Numeric Errors vulnerability in Google Chrome

Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation.

7.5
2014-05-21 CVE-2014-1743 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation.

7.5
2014-05-20 CVE-2014-3776 Call CC Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Call-Cc Chicken 4.8.0.7/4.9.0

Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via a "#f" value in the NUM argument.

7.5
2014-05-20 CVE-2014-3749 Construtiva SQL Injection vulnerability in Construtiva CIS Manager CMS

SQL injection vulnerability in Construtiva CIS Manager allows remote attackers to execute arbitrary SQL commands via the email parameter to autenticar/lembrarlogin.asp.

7.5
2014-05-20 CVE-2014-2351 Controlsystemworks SQL Injection vulnerability in Controlsystemworks Csworks

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

7.5
2014-05-19 CVE-2013-6766 Openvas Improper Authentication vulnerability in Openvas Administrator

OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version information, which causes the state to be set to CLIENT_AUTHENTIC.

7.5
2014-05-19 CVE-2013-6765 Openvas Improper Authentication vulnerability in Openvas Manager

OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENTIC, as demonstrated by the omp_xml_handle_end_element function in omp.c.

7.5
2014-05-23 CVE-2014-3450 Pandasecurity Local Privilege Escalation Vulnerabilitiy in Panda Security Multiple Products

Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors.

7.2
2014-05-25 CVE-2014-0943 IBM Improper Input Validation vulnerability in IBM Websphere Commerce

IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0.0.0 through 7.0.0.8, and 7.0 Feature Pack 1 through Feature Pack 7 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a malformed id parameter in a request.

7.1

104 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-23 CVE-2013-2713 Krisonav Cross-Site Request Forgery (CSRF) vulnerability in Krisonav

Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user accounts via a crafted request.

6.8
2014-05-23 CVE-2012-5649 Apache Code Injection vulnerability in Apache Couchdb

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.

6.8
2014-05-23 CVE-2013-2107 Mail ON Update Project Cross-Site Request Forgery (CSRF) vulnerability in Mail ON Update Project Mail ON Update 5.0.0/5.1.0

Cross-site request forgery (CSRF) vulnerability in the Mail On Update plugin before 5.2.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change the "List of alternative recipients" via the mailonupdate_mailto parameter in the mail-on-update page to wp-admin/options-general.php.

6.8
2014-05-23 CVE-2010-5299 Microp Project Buffer Errors vulnerability in Microp Project Microp 0.1.1.1600

Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file.

6.8
2014-05-22 CVE-2014-1344 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1343 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1342 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1341 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1339 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1338 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1337 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1336 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1335 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1334 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1333 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1331 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1330 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1329 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1327 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1326 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1324 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-1323 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8
2014-05-22 CVE-2014-3845 Tinymce
Wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Tinymce Color Picker

Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color Picker plugin before 1.2 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that change plugin settings via unknown vectors.

6.8
2014-05-22 CVE-2014-3843 Zemanta
Wordpress
Cross-Site Request Forgery (CSRF) vulnerability in Zemanta Search Everything

Cross-site request forgery (CSRF) vulnerability in the Search Everything plugin before 8.1.1 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2014-05-22 CVE-2014-0954 IBM Improper Input Validation vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.

6.8
2014-05-20 CVE-2014-3802 Microsoft Improper Input Validation vulnerability in Microsoft products

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.

6.8
2014-05-20 CVE-2014-3792 Beetel Cross-Site Request Forgery (CSRF) vulnerability in Beetel 450Tc2 Router and 450Tc2 Router Firmware

Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the uiViewTools_Password and uiViewTools_PasswordConfirm parameters to Forms/tools_admin_1.

6.8
2014-05-20 CVE-2014-3460 Microfocus Path Traversal vulnerability in Microfocus Sentinel and Sentinel Agent Manager

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.

6.8
2014-05-20 CVE-2014-3269 Cisco Improper Input Validation vulnerability in Cisco IOS XE 3.5E

The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.

6.8
2014-05-20 CVE-2014-2194 Cisco Improper Input Validation vulnerability in Cisco Unified web and E-Mail Interaction Manager 9.0(2)

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity.

6.8
2014-05-19 CVE-2013-7385 Livezilla Cryptographic Issues vulnerability in Livezilla

LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which allows remote attackers to obtain sensitive information and gain privileges by accessing the loginName and loginPassword variables using an independent cross-site scripting (XSS) attack.

6.8
2014-05-19 CVE-2013-6807 Opentext Cryptographic Issues vulnerability in Opentext Exceed Ondemand 8.0

The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.

6.8
2014-05-19 CVE-2013-6806 Opentext Improper Authentication vulnerability in Opentext Exceed Ondemand 8.0

OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.

6.8
2014-05-22 CVE-2014-2948 Bizagi SQL Injection vulnerability in Bizagi Business Process Management Suite

SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.

6.5
2014-05-22 CVE-2014-3210 Dotonpaper
Wordpress
SQL Injection vulnerability in Dotonpaper Booking System 1.0/1.1

SQL injection vulnerability in dopbs-backend-forms.php in the Booking System (Booking Calendar) plugin before 1.3 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter to wp-admin/admin-ajax.php.

6.5
2014-05-20 CVE-2013-4321 Typo3 Code Injection vulnerability in Typo3

The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file.

6.5
2014-05-20 CVE-2013-4250 Typo3 Improper Input Validation vulnerability in Typo3

The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file.

6.5
2014-05-19 CVE-2013-6994 Opentext Cryptographic Issues vulnerability in Opentext Exceed Ondemand 8.0

OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.

6.4
2014-05-20 CVE-2014-3264 Cisco Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software

Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.

6.3
2014-05-25 CVE-2014-3284 Cisco Improper Input Validation vulnerability in Cisco products

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.

6.1
2014-05-20 CVE-2014-3273 Cisco Improper Input Validation vulnerability in Cisco IOS

The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282.

6.1
2014-05-22 CVE-2014-3783 Dotclear SQL Injection vulnerability in Dotclear

SQL injection vulnerability in admin/categories.php in Dotclear before 2.6.3 allows remote authenticated users with the manage categories permission to execute arbitrary SQL commands via the categories_order parameter.

6.0
2014-05-22 CVE-2014-0958 IBM Open Redirection vulnerability in IBM WebSphere Portal

Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

5.8
2014-05-20 CVE-2014-3739 Zenoss Improper Input Validation vulnerability in Zenoss 4.2.5

Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter.

5.8
2014-05-20 CVE-2013-4347 Urbanairship Cryptographic Issues vulnerability in Urbanairship Python-Oauth2

The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.

5.8
2014-05-20 CVE-2013-4320 Typo3 Permissions, Privileges, and Access Controls vulnerability in Typo3

The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via a crafted URL.

5.5
2014-05-19 CVE-2013-4431 Mahara Permissions, Privileges, and Access Controls vulnerability in Mahara

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly prevent access to blocks, which allows remote authenticated users to modify arbitrary blocks via the bock id in an edit request.

5.5
2014-05-23 CVE-2014-3848 Imember360 Permissions, Privileges, and Access Controls vulnerability in Imember360

The iMember360 plugin before 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to obtain database credentials via the i4w_dbinfo parameter.

5.0
2014-05-23 CVE-2013-4223 Gentoo Permissions, Privileges, and Access Controls vulnerability in Gentoo Nullmailer 1.11

The Gentoo Nullmailer package before 1.11-r2 uses world-readable permissions for /etc/nullmailer/remotes, which allows local users to obtain SMTP authentication credentials by reading the file.

5.0
2014-05-23 CVE-2013-2758 Apache
Citrix
Cryptographic Issues vulnerability in multiple products

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack.

5.0
2014-05-23 CVE-2013-2756 Apache
Citrix
Improper Authentication vulnerability in multiple products

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code.

5.0
2014-05-22 CVE-2014-1346 Apple Improper Input Validation vulnerability in Apple Safari

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL.

5.0
2014-05-22 CVE-2014-3844 Tinymce
Wordpress
Permissions, Privileges, and Access Controls vulnerability in Tinymce Color Picker

The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors.

5.0
2014-05-22 CVE-2014-2604 HP Denial of Service vulnerability in Multiple HP IceWall Products

Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors.

5.0
2014-05-22 CVE-2014-0949 IBM Resource Management Errors vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.

5.0
2014-05-21 CVE-2014-3806 Vmturbo Path Traversal vulnerability in Vmturbo Operations Manager 4.0/4.5

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a ..

5.0
2014-05-21 CVE-2014-1748 Google UI Spoofing vulnerability in WebKit

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.

5.0
2014-05-21 CVE-2014-1746 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer.

5.0
2014-05-20 CVE-2014-3271 Cisco Improper Input Validation vulnerability in Cisco IOS XR

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

5.0
2014-05-20 CVE-2014-3270 Cisco Improper Input Validation vulnerability in Cisco IOS XR

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.

5.0
2014-05-20 CVE-2014-3268 Cisco Improper Input Validation vulnerability in Cisco IOS and Unified Border Element

Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215.

5.0
2014-05-20 CVE-2014-2199 Cisco Information Exposure vulnerability in Cisco products

meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738.

5.0
2014-05-19 CVE-2014-3787 SAP Information Exposure vulnerability in SAP Netweaver

SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.

5.0
2014-05-19 CVE-2013-7384 Unrealircd Unspecified vulnerability in Unrealircd 3.2.10/3.2.10.1

UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors, related to SSL.

5.0
2014-05-19 CVE-2013-6805 Opentext Cryptographic Issues vulnerability in Opentext Exceed Ondemand 8.0

OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file.

5.0
2014-05-19 CVE-2013-6413 Unrealircd Resource Management Errors vulnerability in Unrealircd 3.2.10/3.2.10.1

Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.

5.0
2014-05-19 CVE-2013-4406 Quick Tabs Module Project Permissions, Privileges, and Access Controls vulnerability in Quick Tabs Module Project Quicktabs

The Quick Tabs module 6.x-2.x before 6.x-2.2, 6.x-3.x before 6.x-3.2, and 7.x-3.x before 7.x-3.6 for Drupal does not properly check block permissions, which allows remote attackers to obtain sensitive information by reading a Quick Tab.

5.0
2014-05-22 CVE-2014-2349 Emerson Permissions, Privileges, and Access Controls vulnerability in Emerson Deltav

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges.

4.6
2014-05-20 CVE-2013-6975 Cisco Path Traversal vulnerability in Cisco Nx-Os

Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.

4.6
2014-05-19 CVE-2014-1402 Pocoo Permissions, Privileges, and Access Controls vulnerability in Pocoo Jinja2

The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.

4.4
2014-05-19 CVE-2014-0012 Pocoo Permissions, Privileges, and Access Controls vulnerability in Pocoo Jinja2 2.7.2

FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid.

4.4
2014-05-25 CVE-2014-0639 EMC Cross-Site Scripting vulnerability in EMC RSA Archer Egrc

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.4 SP1 P3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-23 CVE-2014-3849 Imember360 Permissions, Privileges, and Access Controls vulnerability in Imember360

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to delete arbitrary users via a request containing a user name in the Email parameter and the API key in the i4w_clearuser parameter.

4.3
2014-05-23 CVE-2014-3442 Nullsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nullsoft Winamp

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

4.3
2014-05-23 CVE-2013-2712 Krisonav Cross-Site Scripting vulnerability in Krisonav

Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.

4.3
2014-05-23 CVE-2013-1864 Opalvoip
Ekiga
Suse
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXML document containing a large number of nested entity references, aka a "billion laughs attack."

4.3
2014-05-23 CVE-2013-0289 Oswald Buddenhagen Cryptographic Issues vulnerability in Oswald Buddenhagen Isync

Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

4.3
2014-05-22 CVE-2014-2947 Bizagi Cross-Site Scripting vulnerability in Bizagi Business Process Management Suite

Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite before 10.3 allows remote attackers to inject arbitrary web script or HTML via the txtUsername parameter.

4.3
2014-05-22 CVE-2014-3846 Flyingcart Cross-Site Scripting vulnerability in Flyingcart Flying Cart

Cross-site scripting (XSS) vulnerability in Flying Cart allows remote attackers to inject arbitrary web script or HTML via the p parameter to index.php.

4.3
2014-05-22 CVE-2014-3842 Imember360 Cross-Site Scripting vulnerability in Imember360

Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) decrypt or (2) encrypt parameter.

4.3
2014-05-22 CVE-2014-3841 Tech Banker
Wordpress
Cross-Site Scripting vulnerability in Tech-Banker Contact Bank

Cross-site scripting (XSS) vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration.

4.3
2014-05-22 CVE-2014-0956 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal

Cross-site scripting (XSS) vulnerability in googlemap.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-22 CVE-2014-0955 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal 8.0.0.0/8.0.0.1

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-22 CVE-2014-0952 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal

Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-22 CVE-2014-0951 IBM Cross-Site Scripting vulnerability in IBM Websphere Portal

Cross-site scripting (XSS) vulnerability in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2014-05-21 CVE-2014-3808 Barracudadrive
Realtimelogic
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3) path parameter to wizard/setuser.lsp, (4) host parameter to tunnelconstr.lsp, or (5) newpath parameter to wfsconstr.lsp in rtl/protected/admin/.

4.3
2014-05-21 CVE-2014-3807 Barracudadrive Cross-Site Scripting vulnerability in Barracudadrive 6.7.2

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) blog, (2) bloggeruser, or (3) bloggerpasswd parameter to private/manage/.

4.3
2014-05-21 CVE-2014-3803 Google Information Exposure vulnerability in Google Chrome

The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT element with a -x-webkit-speech attribute.

4.3
2014-05-21 CVE-2014-1747 Google Cross-Site Scripting vulnerability in Google Chrome

Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."

4.3
2014-05-20 CVE-2014-3738 Zenoss Cross-Site Scripting vulnerability in Zenoss 4.2.5

Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device.

4.3
2014-05-20 CVE-2014-1855 Seopanel Cross-Site Scripting vulnerability in Seopanel SEO Panel 3.3.1/3.4.0

Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php.

4.3
2014-05-20 CVE-2013-4346 Urbanairship Cryptographic Issues vulnerability in Urbanairship Python-Oauth2

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

4.3
2014-05-20 CVE-2014-3265 Cisco Cross-Site Scripting vulnerability in Cisco Security Manager 4.2

Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900.

4.3
2014-05-20 CVE-2014-2195 Cisco Improper Input Validation vulnerability in Cisco products

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.

4.3
2014-05-20 CVE-2014-2193 Cisco Improper Input Validation vulnerability in Cisco Unified web and E-Mail Interaction Manager

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084.

4.3
2014-05-20 CVE-2014-2192 Cisco Cross-Site Scripting vulnerability in Cisco Unified web and E-Mail Interaction Manager 9.0(2)

Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033.

4.3
2014-05-19 CVE-2014-3735 Intel Buffer Errors vulnerability in Intel Indeo Video 4.5

ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.

4.3
2014-05-19 CVE-2013-7040 Apple
Python
Cryptographic Issues vulnerability in multiple products

Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

4.3
2014-05-19 CVE-2013-7033 Livezilla Cryptographic Issues vulnerability in Livezilla

LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and gain privileges by accessing the loginName and loginPassword variables using an independent cross-site scripting (XSS) attack.

4.3
2014-05-19 CVE-2013-4430 Mahara Cross-Site Scripting vulnerability in Mahara

Cross-site scripting (XSS) vulnerability in Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 allows remote attackers to inject arbitrary web script or HTML via the Host header to lib/web.php.

4.3
2014-05-22 CVE-2014-0959 IBM Improper Input Validation vulnerability in IBM Websphere Portal

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote authenticated users to cause a denial of service (infinite loop) via a login redirect.

4.0
2014-05-20 CVE-2012-6146 Typo3 Permissions, Privileges, and Access Controls vulnerability in Typo3

The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL.

4.0
2014-05-19 CVE-2013-4432 Mahara Permissions, Privileges, and Access Controls vulnerability in Mahara

Mahara before 1.5.13, 1.6.x before 1.6.8, and 1.7.x before 1.7.4 does not properly restrict access to folders, which allows remote authenticated users to read arbitrary folders (1) by leveraging an active folder tab loaded before permissions were removed or (2) via the folder parameter to artefact/file/groupfiles.php.

4.0
2014-05-19 CVE-2013-4429 Mahara Permissions, Privileges, and Access Controls vulnerability in Mahara

Mahara before 1.5.12, 1.6.x before 1.6.7, and 1.7.x before 1.7.3 does not properly restrict access to artefacts, which allows remote authenticated users to read arbitrary artefacts via the (1) artefact id in an upload action when creating a journal or (2) instconf_artefactid_selected[ID] parameter in an upload action when editing a block.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2014-05-19 CVE-2013-4426 Leon Weber Local Denial of Service vulnerability in Leon Weber Pyxtrlock 0.1

pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers to bypass the lock screen via multiple failed authentication attempts, which trigger a crash.

3.6
2014-05-23 CVE-2014-3801 Openstack Information Exposure vulnerability in Openstack Heat

OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.

3.5
2014-05-21 CVE-2011-2198 Gnome
Opensuse
Oracle
Improper Input Validation vulnerability in multiple products

The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@".

3.5
2014-05-19 CVE-2014-3717 XEN Improper Input Validation vulnerability in XEN 4.4.0

Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows local users to read system memory or cause a denial of service (crash) via a crafted kernel, which triggers a buffer overflow.

3.3
2014-05-19 CVE-2014-3715 XEN Buffer Errors vulnerability in XEN 4.4.0

Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB.

3.3
2014-05-19 CVE-2014-3714 XEN Improper Input Validation vulnerability in XEN 4.4.0

The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow.

3.3
2014-05-22 CVE-2012-6648 GDM Guest Session Project
Canonical
Permissions, Privileges, and Access Controls vulnerability in multiple products

gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file in /tmp.

2.1
2014-05-22 CVE-2012-0943 Robert Ancell
Canonical
Permissions, Privileges, and Access Controls vulnerability in multiple products

debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp.

2.1
2014-05-20 CVE-2013-4380 Mediafront
Drupal
Cross-Site Scripting vulnerability in Mediafront

Cross-site scripting (XSS) vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x before 7.x-1.6, and 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer mediafront" permission to inject arbitrary web script or HTML via the preset settings.

2.1
2014-05-19 CVE-2013-4427 Leon Weber Improper Input Validation vulnerability in Leon Weber Pyxtrlock 0.1

pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors.

2.1
2014-05-19 CVE-2014-3716 XEN Improper Input Validation vulnerability in XEN 4.4.0

Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel.

1.9