Weekly Vulnerabilities Reports > October 6 to 12, 2014
Overview
120 new vulnerabilities were reported during this period, including 13 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary reports vulnerabilities in 102 products from 73 vendors, including Cisco, Drupal, HP, Joomla, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Cryptographic Issues", "Code Injection", "Resource Management Errors", and "SQL Injection".
- 99 reported vulnerabilities are remotely exploitable.
- 11 reported vulnerabilities have a public exploit available.
- 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 95 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Cyberoam has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-10-08 | CVE-2014-7205 | Bassmaster Project | Code Injection vulnerability in Bassmaster Project Bassmaster Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors. | 10.0 |
2014-10-07 | CVE-2014-7235 | Freepbx Sangoma | Code Injection vulnerability in multiple products htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014. | 10.0 |
2014-10-07 | CVE-2014-6434 | Gopro | OS Command Injection vulnerability in Gopro Hero and Gopro Hero Firmware gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via the (1) a1 or (2) a2 parameter in a restart action. | 10.0 |
2014-10-07 | CVE-2014-6433 | Gopro | Code Injection vulnerability in Gopro Hero and Gopro Hero Firmware gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via the (1) a1 or (2) a2 parameter in a start action. | 10.0 |
2014-10-07 | CVE-2014-5503 | Cyberoam | SQL Injection vulnerability in Cyberoam OS SQL injection vulnerability in the Guest Login Portal in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary SQL commands via the add_guest_user opcode. | 10.0 |
2014-10-07 | CVE-2014-6287 | Rejetto | Code Injection vulnerability in Rejetto Http File Server 2.3/2.3A/2.3B The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. | 10.0 |
2014-10-06 | CVE-2014-0397 | Oracle | Buffer Errors vulnerability in Oracle Solaris 10/11.1 Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors." | 10.0 |
2014-10-07 | CVE-2014-5501 | Cyberoam | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cyberoam OS Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file. | 9.3 |
2014-10-06 | CVE-2013-2645 | TP Link | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Firmware Tlwr1043Ndv1120405 Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm. | 9.3 |
2014-10-10 | CVE-2014-3389 | Cisco | Command Injection vulnerability in Cisco Adaptive Security Appliance (ASA) Software The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.6), and 9.3 before 9.3(1.1) does not properly implement a tunnel filter, which allows remote authenticated users to obtain failover-unit access via crafted packets, aka Bug ID CSCuq28582. | 9.0 |
2014-10-08 | CVE-2014-5308 | Testlink | SQL Injection vulnerability in Testlink 1.9.11 Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php. | 9.0 |
2014-10-07 | CVE-2014-5502 | Cyberoam | OS Command Injection vulnerability in Cyberoam OS The Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allow remote authenticated users to inject arbitrary commands via a (1) checkcert_key, (2) webclient_portal_settings, (3) sslvpn_liveuser_delete, or (4) ccc_flush_sql_file opcode. | 9.0 |
2014-10-07 | CVE-2014-4868 | Brocade | OS Command Injection vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command. | 9.0 |
29 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-10-10 | CVE-2014-3388 | Cisco | Resource Management Errors vulnerability in Cisco ASA 9.0/9.1/9.2 The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327. | 7.8 |
2014-10-10 | CVE-2014-3387 | Cisco | Resource Management Errors vulnerability in Cisco ASA The SunRPC inspection engine in Cisco ASA Software 7.2 before 7.2(5.14), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.3) allows remote attackers to cause a denial of service (device reload) via crafted SunRPC packets, aka Bug ID CSCun11074. | 7.8 |
2014-10-10 | CVE-2014-3386 | Cisco | Resource Management Errors vulnerability in Cisco ASA The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399. | 7.8 |
2014-10-10 | CVE-2014-3385 | Cisco | Race Condition vulnerability in Cisco ASA Race condition in the Health and Performance Monitoring (HPM) for ASDM feature in Cisco ASA Software 8.3 before 8.3(2.42), 8.4 before 8.4(7.11), 8.5 before 8.5(1.19), 8.6 before 8.6(1.13), 8.7 before 8.7(1.11), 9.0 before 9.0(4.8), and 9.1 before 9.1(4.5) allows remote attackers to cause a denial of service (device reload) via TCP traffic that triggers many half-open connections at the same time, aka Bug ID CSCum00556. | 7.8 |
2014-10-10 | CVE-2014-3384 | Cisco | Resource Management Errors vulnerability in Cisco ASA The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401. | 7.8 |
2014-10-10 | CVE-2014-3383 | Cisco | Resource Management Errors vulnerability in Cisco ASA 9.1/9.1.5 The IKE implementation in the VPN component in Cisco ASA Software 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via crafted UDP packets, aka Bug ID CSCul36176. | 7.8 |
2014-10-10 | CVE-2014-3382 | Cisco | SQL Injection vulnerability in Cisco ASA The SQL*Net inspection engine in Cisco ASA Software 7.2 before 7.2(5.13), 8.2 before 8.2(5.50), 8.3 before 8.3(2.42), 8.4 before 8.4(7.15), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via crafted SQL REDIRECT packets, aka Bug ID CSCum46027. | 7.8 |
2014-10-10 | CVE-2014-7201 | Kevin Renskers | SQL Injection vulnerability in Kevin Renskers Dmmjobcontrol Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via the (1) education, (2) region, or (3) sector fields, as demonstrated by the tx_dmmjobcontrol_pi1[search][sector][] parameter to jobs/. | 7.5 |
2014-10-10 | CVE-2014-4313 | Epicor | SQL Injection vulnerability in Epicor Procurement SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allows remote attackers to execute arbitrary SQL commands via the User field. | 7.5 |
2014-10-10 | CVE-2014-7226 | Rejetto | Code Injection vulnerability in Rejetto Http File Server The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols. | 7.5 |
2014-10-10 | CVE-2014-5297 | X2Engine | Code Injection vulnerability in X2Engine 2.8/4.1.7 The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8 through 4.1.7 allows remote attackers to conduct PHP object injection and Server-Side Request Forgery (SSRF) attacks via crafted serialized data in the report parameter. | 7.5 |
2014-10-10 | CVE-2014-2649 | HP Linux | Remote Code Execution vulnerability in HP Operations Manager Unspecified vulnerability in HP Operations Manager 9.20 on UNIX allows remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
2014-10-10 | CVE-2014-2638 | HP | Remote Code Execution vulnerability in HP Sprinter 12.01 Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344. | 7.5 |
2014-10-10 | CVE-2014-2637 | HP | Remote Code Execution vulnerability in HP Sprinter 12.01 Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342. | 7.5 |
2014-10-10 | CVE-2014-2636 | HP | Remote Code Execution vulnerability in HP Sprinter 12.01 Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336. | 7.5 |
2014-10-10 | CVE-2014-2635 | HP | Remote Code Execution vulnerability in HP Sprinter 12.01 Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343. | 7.5 |
2014-10-08 | CVE-2014-7984 | Joomla | Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla! Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication. | 7.5 |
2014-10-08 | CVE-2014-7981 | Joomla | SQL Injection vulnerability in Joomla Joomla! SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-10-08 | CVE-2014-6632 | Joomla | Improper Authentication vulnerability in Joomla Joomla! Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to authenticate and bypass intended access restrictions via vectors involving LDAP authentication. | 7.5 |
2014-10-08 | CVE-2014-6394 | Fedoraproject Apple Joyent | Path Traversal vulnerability in multiple products visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. | 7.5 |
2014-10-08 | CVE-2014-7299 | Arubanetworks | Information Disclosure vulnerability in Arubaos 6.3.11/6.4.2.1 Unspecified vulnerability in administrative interfaces in ArubaOS 6.3.1.11, 6.3.1.11-FIPS, 6.4.2.1, and 6.4.2.1-FIPS on Aruba controllers allows remote attackers to bypass authentication, and obtain potentially sensitive information or add guest accounts, via an SSH session. | 7.5 |
2014-10-06 | CVE-2014-6607 | Mmonit | Credentials Management vulnerability in Mmonit M/Monit M/Monit 3.3.2 and earlier does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via the fullname and password parameters, a different vulnerability than CVE-2014-6409. | 7.5 |
2014-10-06 | CVE-2014-6389 | Phpcompta | Code Injection vulnerability in PHPcompta PHPcompta/Noalyss backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the d parameter. | 7.5 |
2014-10-06 | CVE-2014-2044 | Owncloud | Code Injection vulnerability in Owncloud Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) syntax in the filename parameter, as demonstrated using .htaccess::$DATA to upload a PHP program. | 7.5 |
2014-10-06 | CVE-2013-1436 | Xmonad | Code Injection vulnerability in Xmonad Xmonad-Contrib 0.11 The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag. | 7.5 |
2014-10-06 | CVE-2014-5389 | Content Audit Project | SQL Injection vulnerability in Content Audit Project Content Audit 1.6/1.6.0 SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content types" option in the content-audit page to wp-admin/options-general.php. | 7.5 |
2014-10-06 | CVE-2014-0074 | Apache | Improper Authentication vulnerability in Apache Shiro Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows remote attackers to bypass authentication via an empty (1) username or (2) password. | 7.5 |
2014-10-10 | CVE-2014-2646 | HP | Permissions, Privileges, and Access Controls vulnerability in HP Network Automation 9.10/9.20 Unspecified vulnerability in HP Network Automation 9.10 and 9.20 allows local users to bypass intended access restrictions via unknown vectors. | 7.2 |
2014-10-07 | CVE-2014-4870 | Brocade | Improper Input Validation vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration. | 7.2 |
62 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-10-12 | CVE-2014-5328 | Huawei | Resource Management Errors vulnerability in Huawei E5332 and E5332 Firmware Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long parameter in an API service request message. | 6.8 |
2014-10-12 | CVE-2014-5327 | Huawei | Resource Management Errors vulnerability in Huawei E5332 and E5332 Firmware Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI. | 6.8 |
2014-10-10 | CVE-2014-4867 | Cryoserver | Permissions, Privileges, and Access Controls vulnerability in Cryoserver Security Appliance Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/init.d/cryoserver, which allows local users to gain privileges by leveraging access to the support account and running the /bin/cryo-mgmt program. | 6.8 |
2014-10-08 | CVE-2014-7296 | ENG | Code Injection vulnerability in ENG Spagobi 5.0 The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote authenticated users to execute arbitrary Java code via a crafted XSL document. | 6.8 |
2014-10-08 | CVE-2014-7273 | Getmail | Cryptographic Issues vulnerability in Getmail The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate. | 6.8 |
2014-10-06 | CVE-2014-6409 | Mmonit | Cross-Site Request Forgery (CSRF) vulnerability in Mmonit M/Monit Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that change user passwords via the fullname and password parameters to /admin/users/update. | 6.8 |
2014-10-06 | CVE-2014-0994 | Embarcadero | Buffer Errors vulnerability in Embarcadero products Heap-based buffer overflow in the ReadDIB function in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows context-dependent attackers to execute arbitrary code via the BITMAPINFOHEADER.biClrUsed field in a BMP file. | 6.8 |
2014-10-06 | CVE-2014-0168 | Jolokia | Cross-Site Request Forgery (CSRF) vulnerability in Jolokia Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page. | 6.8 |
2014-10-08 | CVE-2014-7185 | Python Apple | Numeric Errors vulnerability in multiple products Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. | 6.4 |
2014-10-08 | CVE-2014-7275 | Getmail | Cryptographic Issues vulnerability in Getmail The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate. | 5.8 |
2014-10-08 | CVE-2014-7274 | Getmail | Cryptographic Issues vulnerability in Getmail 4.44.0 The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate from a recognized Certification Authority. | 5.8 |
2014-10-07 | CVE-2014-3399 | Cisco | Code Injection vulnerability in Cisco Adaptive Security Appliance Software The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208. | 5.5 |
2014-10-11 | CVE-2014-6941 | NOS | Cryptographic Issues vulnerability in NOS Alive 5.1 The NOS Alive (aka pt.optimus.optimusalive2011) application 5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6940 | Mibizapps | Cryptographic Issues vulnerability in Mibizapps Absolute Lending Solutions 1.0073.B0073 The Absolute Lending Solutions (aka com.soln.S008F6C05EC0B63264B429F6D76286562) application 1.0073.b0073 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6939 | Xlabz | Cryptographic Issues vulnerability in Xlabz Sketch W Friends Free -Tablets 5.0.0 The Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application 5.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6938 | Webizz | Cryptographic Issues vulnerability in Webizz Apostilas Musicais 1 The Apostilas musicais (aka com.apostilas) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6937 | Ecitic | Cryptographic Issues vulnerability in Ecitic China Citic Bank Credit Card 3.3.6 The China CITIC Bank Credit Card (aka com.citiccard.mobilebank) application 3.3.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6936 | Mobileeventguide | Cryptographic Issues vulnerability in Mobileeventguide IDS 2013 1.21 The IDS 2013 (aka de.mobileeventguide.ids2013) application 1.21 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6935 | Rgsmartapps | Cryptographic Issues vulnerability in Rgsmartapps Colormania - Color Quiz Game 1.4 The ColorMania - Color Quiz Game (aka com.ColormaniaColoringGames) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6934 | Physics Chemistry Biology Quiz Project | Cryptographic Issues vulnerability in Physics Chemistry Biology Quiz Project Physics Chemistry Biology Quiz 1.8 The Physics Chemistry Biology Quiz (aka com.pdevsmcqs.pcbmcqseries) application 1.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6904 | Cloudacl | Cryptographic Issues vulnerability in Cloudacl Safe Browser - the web Filter 1.2.5 The Safe Browser - The Web Filter (aka com.cloudacl) application 1.2.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6891 | Vodafone | Cryptographic Issues vulnerability in Vodafone Avantaj Cepte 1.4 The Vodafone Avantaj Cepte (aka com.vodafone.avantajcepte.main) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-11 | CVE-2014-6887 | Express | Cryptographic Issues vulnerability in Express 2.5.3 The EXPRESS (aka com.gpshopper.express.android) application 2.5.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-10 | CVE-2014-7047 | Oceanavenue | Cryptographic Issues vulnerability in Oceanavenue Ocean Avenue Mobile PRO 2 The Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-10 | CVE-2014-7046 | George Wassouf Project | Cryptographic Issues vulnerability in George Wassouf Project George Wassouf 1 The George Wassouf (aka com.devkhr32.georgewassouf) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-10-10 | CVE-2014-3402 | Cisco | Improper Authentication vulnerability in Cisco Intrusion Prevention System The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550. | 5.0 |
2014-10-10 | CVE-2014-5298 | X2Engine | Permissions, Privileges, and Access Controls vulnerability in X2Engine FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains uppercase letters, as demonstrated using a PHP program. | 5.0 |
2014-10-10 | CVE-2014-3403 | Cisco | Cryptographic Issues vulnerability in Cisco IOS XE The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647. | 5.0 |
2014-10-09 | CVE-2014-8068 | Adobe | Information Exposure vulnerability in Adobe Digital Editions 4.0 Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information. | 5.0 |
2014-10-08 | CVE-2014-7229 | Joomla | Remote Denial of Service vulnerability in Joomla! Core Unspecified vulnerability in Joomla! before 2.5.4 before 2.5.26, 3.x before 3.2.6, and 3.3.x before 3.3.5 allows attackers to cause a denial of service via unspecified vectors. | 5.0 |
2014-10-08 | CVE-2014-5300 | Adaptivecomputing | Improper Authentication vulnerability in Adaptivecomputing Moab 8.0 Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature. | 5.0 |
2014-10-07 | CVE-2014-7204 | Canonical Debian Mageia | Resource Management Errors vulnerability in multiple products jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. | 5.0 |
2014-10-07 | CVE-2014-6603 | Openinfosecfoundation | Resource Management Errors vulnerability in Openinfosecfoundation Suricata The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write. | 5.0 |
2014-10-07 | CVE-2014-4869 | Brocade | Permissions, Privileges, and Access Controls vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group. | 5.0 |
2014-10-06 | CVE-2014-1868 | Restlet | Unspecified vulnerability in Restlet Framework Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack. | 5.0 |
2014-10-06 | CVE-2013-7329 | Perl | Information Exposure vulnerability in Perl CGI Application Module The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function. | 5.0 |
2014-10-10 | CVE-2014-3405 | Cisco | Security vulnerability in Cisco IOS XE Software Cisco IOS XE enables the IPv6 Routing Protocol for Low-Power and Lossy Networks (aka RPL) on both the Autonomic Control Plane (ACP) and external Autonomic Networking Infrastructure (ANI) interfaces, which allows remote attackers to conduct route-injection attacks via crafted RPL advertisements on an ANI interface, aka Bug ID CSCuq22673. | 4.8 |
2014-10-10 | CVE-2014-7200 | Kevin Renskers | Cross-Site Scripting vulnerability in Kevin Renskers Dmmjobcontrol Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via the tx_dmmjobcontrol_pi1[search][keyword] parameter to jobs/. | 4.3 |
2014-10-10 | CVE-2014-7139 | Cfdbplugin | Cross-Site Scripting vulnerability in Cfdbplugin Contact Form DB 2.8.15 Multiple cross-site scripting (XSS) vulnerabilities in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.16 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) form or (2) enc parameter in the CF7DBPluginShortCodeBuilder page to wp-admin/admin.php. | 4.3 |
2014-10-10 | CVE-2014-6315 | Photo Gallery Plugin Project | Cross-Site Scripting vulnerability in Photo Gallery Plugin Project Photo Gallery Plugin 1.1.30 Multiple cross-site scripting (XSS) vulnerabilities in the Web-Dorado Photo Gallery plugin 1.1.30 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) callback, (2) dir, or (3) extensions parameter in an addImages action to wp-admin/admin-ajax.php. | 4.3 |
2014-10-10 | CVE-2014-6243 | Ewww Image Optimizer Plugin Project | Cross-Site Scripting vulnerability in Ewww Image Optimizer Plugin Project Ewww Image Optimizer Plugin 2.0.0/2.01 Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngout error message. | 4.3 |
2014-10-10 | CVE-2014-4737 | Textpattern | Cross-Site Scripting vulnerability in Textpattern Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php. | 4.3 |
2014-10-10 | CVE-2014-4312 | Epicor | Cross-Site Scripting vulnerability in Epicor Enterprise Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to Order details; (2) Description section to "Order to consume"; (3) Favorites name section to Favorites; (4) FiltKeyword parameter to Procurement/EKPHTML/search_item_bt.asp; (5) Act parameter to Procurement/EKPHTML/EnterpriseManager/Budget/ImportBudget_fr.asp; (6) hdnOpener or (7) hdnApproverFieldName parameter to Procurement/EKPHTML/EnterpriseManager/UserSearchDlg.asp; or (8) INTEGRATED parameter to Procurement/EKPHTML/EnterpriseManager/Codes.asp. | 4.3 |
2014-10-10 | CVE-2014-6439 | Elasticsearch | Cross-Site Scripting vulnerability in Elasticsearch 1.1.1/1.2.0 Cross-site scripting (XSS) vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-10 | CVE-2014-4661 | HP | Cross-Site Scripting vulnerability in HP Records Manager 8.1 Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-10 | CVE-2014-3404 | Cisco | Cryptographic Issues vulnerability in Cisco IOS XE The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. | 4.3 |
2014-10-08 | CVE-2014-7983 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in com_contact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-08 | CVE-2014-7982 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-08 | CVE-2014-7203 | Zeromq | Security Bypass vulnerability in ZeroMQ libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors. | 4.3 |
2014-10-08 | CVE-2014-7202 | Zeromq | Security Bypass vulnerability in Zeromq 4.0.0/4.0.4 stream_engine.cpp in libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request. | 4.3 |
2014-10-08 | CVE-2014-6631 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in com_media in Joomla! 3.2.x before 3.2.5 and 3.3.x before 3.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-10-07 | CVE-2014-4871 | Netcommwireless | Cross-Site Scripting vulnerability in Netcommwireless Nb604N and Nb604N Firmware Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter. | 4.3 |
2014-10-07 | CVE-2014-0940 | IBM | Cross-Site Scripting vulnerability in IBM Tivoli Service Automation Manager 7.2.2.2 Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Service Automation Manager 7.2.2.2 before 7.2.2.2-TIV-TSAM-LA0041 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) REST API or (2) Self Service UI. | 4.3 |
2014-10-06 | CVE-2014-4510 | Debian | Cross-Site Scripting vulnerability in Debian apt-cacher-ng 0.7.26 Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-10-06 | CVE-2014-1224 | Rexx Systems | Cross-Site Scripting vulnerability in Rexx-Systems Recruitment R6.1/R7.0 Incomplete blacklist vulnerability in the user registration feature in rexx Recruitment R6.1 and R7 without "fixes from 2014-01-15" allows remote attackers to conduct cross-site scripting (XSS) attacks via the oninput event handler in the fname parameter to the default URI in /reg. | 4.3 |
2014-10-06 | CVE-2014-6054 | Libvncserver Debian Canonical | Numeric Errors vulnerability in multiple products The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message. | 4.3 |
2014-10-06 | CVE-2014-2644 | HP | Cross-Site Scripting vulnerability in HP Systems Insight Manager Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2014-10-10 | CVE-2014-4761 | IBM | Information Exposure vulnerability in IBM Websphere Portal IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code. | 4.0 |
2014-10-09 | CVE-2014-8079 | Drupal | Cross-Site Scripting vulnerability in Drupal Mayo 7.X1.1/7.X1.2/7.X1.Xdev Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to header background setting. | 4.0 |
2014-10-08 | CVE-2014-5376 | Adaptivecomputing | Improper Input Validation vulnerability in Adaptivecomputing Moab 8.0 Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0, when a pre-generated key is used, does not validate that the requesting user matches the actor in the message, which allows remote authenticated users to impersonate arbitrary users via the actor field in a message. | 4.0 |
2014-10-08 | CVE-2014-5375 | Adaptivecomputing | Improper Input Validation vulnerability in Adaptivecomputing Moab 8.0 The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 does not properly validate the message owner matches the submitting user, which allows remote authenticated users to impersonate arbitrary users via the UserId and Owner tags. | 4.0 |
2014-10-07 | CVE-2014-4802 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Business Process Manager The Saved Search Admin component in the Process Admin Console in IBM Business Process Manager (BPM) 8.0 through 8.5.5 does not properly restrict task and instance listings in result sets, which allows remote authenticated users to bypass authorization checks and obtain sensitive information by executing a saved search. | 4.0 |
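The LibVNCServer entry above (CVE-2014-6054) is a textbook case of a client-controlled divisor: the SetScale and PalmVNCSetScaleFactor messages carry a one-byte scale factor that the server divides the framebuffer dimensions by, and a zero factor crashes the server. The following is an added example, not LibVNCServer's code, showing the validation that has to sit in front of that division. It assumes the RFB message type codes 8 (SetScale) and 0xF (PalmVNCSetScaleFactor) and the 4-byte layout type / scale / 2 bytes padding; the function names and the `scale_result` struct are the example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFB client-to-server message types (assumed from the RFB protocol):
 * both messages are 4 bytes: type, scale factor, 2 bytes of padding. */
#define RFB_SET_SCALE                 8
#define RFB_PALMVNC_SET_SCALE_FACTOR  0xF

/* Outcome of handling one scale message. */
struct scale_result {
    int accepted;       /* 1 if the message was applied, 0 if rejected */
    int scaled_width;   /* framebuffer width  / scale, when accepted */
    int scaled_height;  /* framebuffer height / scale, when accepted */
};

/* The unchecked computation behind the crash: with scale == 0 this is an
 * integer divide-by-zero (SIGFPE on x86). Only reached after validation. */
static int scaled_dim(int full, int scale)
{
    return full / scale;
}

/* Handle a SetScale or PalmVNCSetScaleFactor message from an untrusted
 * client. Rejects truncated messages, unknown types and, crucially, a
 * zero scale factor, before any division takes place. */
struct scale_result handle_scale_msg(const uint8_t *msg, size_t len,
                                     int fb_width, int fb_height)
{
    struct scale_result r = {0, 0, 0};

    if (len < 4)                                  /* truncated message */
        return r;
    if (msg[0] != RFB_SET_SCALE && msg[0] != RFB_PALMVNC_SET_SCALE_FACTOR)
        return r;                                 /* not a scale message */

    uint8_t scale = msg[1];
    if (scale == 0) {
        /* The check the vulnerable versions lacked: a server would log this
         * and close the client connection rather than divide. */
        return r;
    }

    r.accepted      = 1;
    r.scaled_width  = scaled_dim(fb_width, scale);
    r.scaled_height = scaled_dim(fb_height, scale);
    return r;
}

int main(void)
{
    /* Constructed sample messages: a legitimate scale of 2 and a hostile 0. */
    const uint8_t legit[4]   = {RFB_SET_SCALE, 2, 0, 0};
    const uint8_t hostile[4] = {RFB_PALMVNC_SET_SCALE_FACTOR, 0, 0, 0};

    struct scale_result a = handle_scale_msg(legit, sizeof legit, 1024, 768);
    struct scale_result b = handle_scale_msg(hostile, sizeof hostile, 1024, 768);

    printf("scale 2: accepted=%d %dx%d\n", a.accepted, a.scaled_width, a.scaled_height);
    printf("scale 0: accepted=%d (rejected before division)\n", b.accepted);
    return 0;
}
```

The same pattern applies to any protocol field that ends up as a divisor or a modulus: validate the range on the untrusted side of the parse, and treat an out-of-range value as a protocol violation that ends the session, not as something to clamp silently.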
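The two ZeroMQ entries above (CVE-2014-7203, nonce reuse enabling replay) describe the failure mode of an authenticated transport that does not check the freshness of the nonce on each message: the MAC still verifies, so a captured message can be fed back in. The following is an added example, not libzmq's code, of the receiver-side check that closes that gap. It assumes a hypothetical 24-byte nonce whose last 8 bytes are a big-endian per-direction counter; the layout, the prefix string and the function names are the example's own, and the check is meant to run alongside MAC verification, not instead of it.

```c
#include <stdint.h>
#include <string.h>

/* Assumed nonce layout for this example: 16-byte constant prefix followed
 * by an 8-byte big-endian counter that the sender increments per message. */
#define NONCE_LEN       24
#define COUNTER_OFFSET  16

/* Per-peer, per-direction replay state. One of these must exist for each
 * direction of a session; sharing one across directions would let the
 * two counters collide. */
struct peer_replay_state {
    int      seen_any;      /* 0 until the first message is accepted */
    uint64_t last_counter;  /* highest counter accepted so far */
};

/* Extract the big-endian counter from the nonce. */
static uint64_t nonce_counter(const uint8_t nonce[NONCE_LEN])
{
    uint64_t c = 0;
    for (int i = 0; i < 8; i++)
        c = (c << 8) | nonce[COUNTER_OFFSET + i];
    return c;
}

/* Returns 1 if the nonce is fresh, i.e. strictly greater than every
 * counter accepted before it, and records it. Returns 0 for a reused or
 * rolled-back counter, which the caller must treat as a replay and drop
 * (or close the session) even if the message authenticates. */
int accept_nonce(struct peer_replay_state *st, const uint8_t nonce[NONCE_LEN])
{
    uint64_t c = nonce_counter(nonce);
    if (st->seen_any && c <= st->last_counter)
        return 0;
    st->seen_any = 1;
    st->last_counter = c;
    return 1;
}

/* Build a nonce with the given counter; used to construct sample input. */
void make_nonce(uint8_t out[NONCE_LEN], const char prefix[16], uint64_t counter)
{
    memcpy(out, prefix, 16);
    for (int i = 7; i >= 0; i--) {
        out[COUNTER_OFFSET + i] = (uint8_t)(counter & 0xff);
        counter >>= 8;
    }
}
```

A strictly increasing counter also rejects reordered-but-genuine messages, which is the right trade-off for an ordered stream; a datagram transport would instead keep a sliding window of recently seen counters. Either way the state is per direction and per session, and it is reset only when a fresh key exchange happens.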
16 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-10-06 | CVE-2014-1875 | Cspan | Link Following vulnerability in Cspan Capture-Tiny 0.20/0.21/0.22 The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file. | 3.6 |
2014-10-10 | CVE-2014-3147 | Splunk | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file. | 3.5 |
2014-10-09 | CVE-2014-8078 | Drupal | Cross-Site Scripting vulnerability in Drupal Print Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 6.x-1.x before 6.x-1.19, 7.x-1.x before 7.x-1.3, and 7.x-2.x before 7.x-2.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes. | 3.5 |
2014-10-09 | CVE-2014-8077 | Drupal | Cross-Site Scripting vulnerability in Drupal Newsflash Cross-site scripting (XSS) vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property. | 3.5 |
2014-10-09 | CVE-2014-8076 | Drupal | Cross-Site Scripting vulnerability in Drupal Professional Theme Cross-site scripting (XSS) vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information. | 3.5 |
2014-10-09 | CVE-2014-8075 | Drupal | Cross-Site Scripting vulnerability in Drupal Tribune 6.X1.13/6.X1.2/7.X3.0 Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x and 7.x-3.x for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title. | 3.5 |
2014-10-08 | CVE-2014-7980 | Drupal | Cross-Site Scripting vulnerability in Drupal ZEN Multiple cross-site scripting (XSS) vulnerabilities in template.php in Zen theme 7.x-3.x before 7.x-3.3 and 7.x-5.x before 7.x-5.5 for Drupal allow remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the skip_link_text setting and unspecified other theme settings. | 3.5 |
2014-10-08 | CVE-2014-7979 | Drupal | Cross-Site Scripting vulnerability in Drupal Simplecorp 7.X1.0 Cross-site scripting (XSS) vulnerability in the SimpleCorp theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings. | 3.5 |
2014-10-08 | CVE-2014-7978 | Drupal | Cross-Site Scripting vulnerability in Drupal Bluemasters 7.X2.0 Cross-site scripting (XSS) vulnerability in the BlueMasters theme 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to theme settings. | 3.5 |
2014-10-07 | CVE-2014-7295 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki The (1) Special:Preferences and (2) Special:UserLogin pages in MediaWiki before 1.19.20, 1.22.x before 1.22.12 and 1.23.x before 1.23.5 allow remote authenticated users to conduct cross-site scripting (XSS) attacks or have unspecified other impact via crafted CSS, as demonstrated by modifying MediaWiki:Common.css. | 3.5 |
2014-10-06 | CVE-2014-7870 | Drupal | Cross-Site Scripting vulnerability in Drupal Custom Search Module Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with the "administer custom search" permission to inject arbitrary web script or HTML via the "Label text" field to admin/config/search/custom_search/results. | 3.5 |
2014-10-06 | CVE-2014-7869 | Drupal | Cross-Site Scripting vulnerability in Drupal Context Form Alteration Module 7.X1.0/7.X1.1 Cross-site scripting (XSS) vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer contexts" permission to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-10-10 | CVE-2014-5351 | MIT | Credentials Management vulnerability in MIT Kerberos 5 1.12.2 The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access. | 2.1 |
2014-10-10 | CVE-2014-5270 | Gnupg Debian | Information Exposure vulnerability in multiple products Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576. | 2.1 |
2014-10-08 | CVE-2014-7231 | Openstack Redhat | Information Exposure vulnerability in multiple products The strutils.mask_password function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log. | 2.1 |
2014-10-08 | CVE-2014-7230 | Openstack Redhat Canonical | Information Exposure vulnerability in multiple products The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log. | 2.1 |