Weekly Vulnerabilities Reports > November 3 to 9, 2014
Overview
100 new vulnerabilities were reported during this period, including 5 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary reports vulnerabilities in 122 products from 62 vendors including SAP, IBM, Cisco, Debian, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Input Validation", "Information Exposure", and "Permissions, Privileges, and Access Controls".
- 89 reported vulnerabilities are remotely exploitable.
- 10 reported vulnerabilities have a public exploit available.
- 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 80 reported vulnerabilities are exploitable by an anonymous user.
- SAP has the most reported vulnerabilities, with 17 reported vulnerabilities.
- SAP has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-06 | CVE-2014-8669 | SAP | Code Injection vulnerability in SAP Customer Relationship Management The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2014-11-06 | CVE-2014-8661 | SAP | Code Injection vulnerability in SAP Customer Relationship Management Internet Sales The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |
2014-11-06 | CVE-2014-8656 | Compal Broadband Networks | Credentials Management vulnerability in Compal Broadband Networks products The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors. | 10.0 |
2014-11-07 | CVE-2014-2177 | Cisco | Code Injection vulnerability in Cisco products The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote authenticated users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCuh87126. | 9.0 |
2014-11-04 | CVE-2014-7875 | HP | Remote Denial of Service vulnerability in HP LaserJet Printers Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | 9.0 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-06 | CVE-2014-8662 | SAP | Denial of Service vulnerability in SAP Payroll Process Unspecified vulnerability in SAP Payroll Process allows remote attackers to cause a denial of service via vectors related to session handling. | 7.8 |
2014-11-07 | CVE-2014-3437 | Symantec | XML External Entity Injection vulnerability in Symantec Endpoint Protection Manager The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 |
2014-11-06 | CVE-2014-8668 | SAP | SQL Injection vulnerability in SAP Contract Accounting SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-11-06 | CVE-2014-8664 | SAP | SQL Injection vulnerability in SAP Environment Health and Safety SQL injection vulnerability in Product Safety (EHS-SAF) component in SAP Environment, Health, and Safety Management allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-11-06 | CVE-2014-8663 | SAP | SQL Injection vulnerability in SAP Netweaver Business Warehouse SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-11-06 | CVE-2014-8351 | French National Commission ON Informatics AND Liberty | SQL Injection vulnerability in French National Commission ON Informatics and Liberty Cookieviz 1.0 SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter. | 7.5 |
2014-11-05 | CVE-2014-2374 | Accuenergy | Information Exposure vulnerability in Accuenergy Acuvim II and Axm-Net The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to discover passwords and modify settings via vectors involving JavaScript. | 7.5 |
2014-11-05 | CVE-2014-2373 | Accuenergy | Improper Authentication vulnerability in Accuenergy Acuvim II and Axm-Net The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL. | 7.5 |
2014-11-04 | CVE-2014-8474 | CA | XML External Entity Injection vulnerability in CA Cloud Service Management CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 |
2014-11-04 | CVE-2014-8588 | SAP | SQL Injection vulnerability in SAP Hana 1.00.60.379371 SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-11-04 | CVE-2014-8586 | CP Multi View Event Calendar Project | SQL Injection vulnerability in CP Multi View Event Calendar Project CP Multi View Event Calendar 1.0.1 SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter. | 7.5 |
2014-11-04 | CVE-2014-8339 | Nuevolab Clip Share | SQL Injection vulnerability in multiple products SQL injection vulnerability in midroll.php in Nuevolab Nuevoplayer for ClipShare 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ch parameter. | 7.5 |
2014-11-03 | CVE-2014-7228 | Joomla | Cryptographic Issues vulnerability in Joomla Joomla! Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for WordPress 1.0.b1 through 1.1.3; Solo 1.0.b1 through 1.1.2; Admin Tools Core and Professional 2.0.0 through 2.4.4; and CMS Update 1.0.a1 through 1.0.1, when performing a backup or update for an archive, does not delete parameters from $_GET and $_POST when it is cleansing $_REQUEST, but later accesses $_GET and $_POST using the getQueryParam function, which allows remote attackers to bypass encryption and execute arbitrary code via a command message that extracts a crafted archive. | 7.5 |
2014-11-03 | CVE-2014-0490 | Debian Linux | Improper Input Validation vulnerability in Debian Advanced Package Tool The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package. | 7.5 |
2014-11-03 | CVE-2014-0489 | Debian | Improper Input Validation vulnerability in Debian Advanced Package Tool 1.0.3/1.0.5/1.0.7 APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package. | 7.5 |
2014-11-03 | CVE-2014-0487 | Debian | Security Bypass vulnerability in apt APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors. | 7.5 |
2014-11-03 | CVE-2014-8350 | Smarty | Code Injection vulnerability in Smarty Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template. | 7.5 |
2014-11-06 | CVE-2014-8660 | SAP | Code Injection vulnerability in SAP Document Management Services SAP Document Management Services allows local users to execute arbitrary commands via unspecified vectors. | 7.2 |
2014-11-03 | CVE-2014-5507 | PRO Softnet Corporation | Permissions, Privileges, and Access Controls vulnerability in PRO Softnet Corporation Ibackup iBackup 10.0.0.32 and earlier uses weak permissions (Everyone: Full Control) for ib_service.exe, which allows local users to gain privileges via a Trojan horse file. | 7.2 |
2014-11-04 | CVE-2014-2718 | T Mobile Asus | Insufficient Verification of Data Authenticity vulnerability in multiple products ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. | 7.1 |
67 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-07 | CVE-2014-5430 | ABB | Local Code Execution vulnerability in Multiple ABB Products Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1.5 allows local users to gain privileges via a Trojan horse DLL that is accessed as a result of incorrect DLL configuration by an optional installation program. | 6.9 |
2014-11-07 | CVE-2014-7990 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815. | 6.8 |
2014-11-07 | CVE-2014-7989 | Cisco | Improper Input Validation vulnerability in Cisco products Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176. | 6.8 |
2014-11-07 | CVE-2014-2178 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to hijack the authentication of administrators, aka Bug ID CSCuh87145. | 6.8 |
2014-11-06 | CVE-2014-8654 | Compal Broadband Networks | Cross-Site Request Forgery (CSRF) vulnerability in Compal Broadband Networks products Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway hardware 1.0 with firmware CH6640-3.5.11.7-NOSH allow remote attackers to hijack the authentication of administrators for requests that (1) have unspecified impact on DDNS configuration via a request to basicDDNS.html, (2) change the wifi password via the psKey parameter to setWirelessSecurity.html, (3) add a static MAC address via the MacAddress parameter in an add_static action to setBasicDHCP1.html, or (4) enable or disable UPnP via the UPnP parameter in an apply action to setAdvancedOptions.html. | 6.8 |
2014-11-04 | CVE-2014-8473 | CA | Cross-Site Request Forgery (CSRF) vulnerability in CA Cloud Service Management Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-11-04 | CVE-2014-8472 | CA | Improper Authentication vulnerability in CA Cloud Service Management CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors. | 6.8 |
2014-11-04 | CVE-2013-7057 | Axway | Cross-Site Request Forgery (CSRF) vulnerability in Axway Securetransport Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that upload arbitrary files via a crafted request to api/v1.0/files/. | 6.8 |
2014-11-03 | CVE-2014-0488 | Debian | Improper Input Validation vulnerability in Debian Advanced Package Tool 1.0.3/1.0.7 APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data. | 6.8 |
2014-11-07 | CVE-2014-4627 | RSA | SQL Injection vulnerability in RSA web Threat Detection SQL injection vulnerability in EMC RSA Web Threat Detection 4.x before 4.6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2014-11-06 | CVE-2014-6030 | Classapps | SQL Injection vulnerability in Classapps Selectsurvey.Net 4.125.000 Multiple SQL injection vulnerabilities in ClassApps SelectSurvey.NET before 4.125.002 allow (1) remote attackers to execute arbitrary SQL commands via the SurveyID parameter to survey/ReviewReadOnlySurvey.aspx or (2) remote authenticated users to execute arbitrary SQL commands via the SurveyID parameter to survey/UploadImagePopupToDb.aspx. | 6.5 |
2014-11-06 | CVE-2014-7959 | AIT PRO | SQL Injection vulnerability in Ait-Pro Bulletproof Security SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter. | 6.5 |
2014-11-04 | CVE-2014-7176 | Enalean | SQL Injection vulnerability in Enalean Tuleap SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman. | 6.5 |
2014-11-04 | CVE-2014-5387 | Ellislab Expressionengine | SQL Injection vulnerability in multiple products Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.php or the (3) tbl_sort[0][] parameter in the comment module to system/index.php. | 6.5 |
2014-11-03 | CVE-2014-0204 | Openstack | Improper Privilege Management vulnerability in Openstack Keystone 2014.1 OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID. | 6.5 |
2014-11-07 | CVE-2014-3439 | Symantec | Arbitrary File Write vulnerability in Symantec Endpoint Protection Manager ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors. | 6.1 |
2014-11-06 | CVE-2014-8670 | Vbulletin | Unspecified vulnerability in Vbulletin 4.2.1 Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | 5.8 |
2014-11-07 | CVE-2014-2179 | Cisco | Improper Input Validation vulnerability in Cisco products The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998. | 5.0 |
2014-11-06 | CVE-2014-8666 | SAP | Information Exposure vulnerability in SAP Business Intelligence Development Workbench The User & Server configuration, InfoView refresh, user rights (BI-BIP-ADM) component in SAP Business Intelligence allows remote attackers to obtain audit event details via unspecified vectors. | 5.0 |
2014-11-06 | CVE-2014-8665 | SAP | Information Exposure vulnerability in SAP Business Intelligence Development Workbench The SAP Business Intelligence Development Workbench allows remote attackers to obtain sensitive information by reading unspecified files. | 5.0 |
2014-11-06 | CVE-2014-8659 | SAP | Path Traversal vulnerability in SAP Environment Health and Safety Directory traversal vulnerability in SAP Environment, Health, and Safety allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2014-11-06 | CVE-2014-8657 | Compal Broadband Networks | Configuration vulnerability in Compal Broadband Networks products The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to cause a denial of service (disconnect all wifi clients) via a request to wirelessChannelStatus.html. | 5.0 |
2014-11-06 | CVE-2014-8655 | Compal Broadband Networks | Permissions, Privileges, and Access Controls vulnerability in Compal Broadband Networks products The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to bypass authentication and obtain sensitive information via an (a) admin or a (b) root value in the userData cookie in a request to (1) CmgwWirelessSecurity.xml, (2) DocsisConfigFile.xml, or (3) CmgwBasicSetup.xml in xml/ or (4) basicDDNS.html, (5) basicLanUsers.html, or (6) rootDesc.xml. | 5.0 |
2014-11-06 | CVE-2014-8483 | Canonical Debian Quassel IRC Opensuse | Out-Of-Bounds Read vulnerability in multiple products The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. | 5.0 |
2014-11-06 | CVE-2014-0995 | SAP | Improper Input Validation vulnerability in SAP Netweaver The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern. | 5.0 |
2014-11-04 | CVE-2014-6130 | IBM | Information Exposure vulnerability in IBM Notes Traveler 9.0.1.2 The IBM Notes Traveler application before 9.0.1.3 for Android lacks a warning message during selection of an HTTP session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which the user had intended to use HTTPS. | 5.0 |
2014-11-04 | CVE-2014-3660 | Xmlsoft Apple Canonical Debian Redhat | Denial of Service vulnerability in Libxml2 Entities Expansion parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. | 5.0 |
2014-11-04 | CVE-2014-8592 | SAP | Denial of Service vulnerability in SAP Netweaver 7.02/7.30 Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. | 5.0 |
2014-11-04 | CVE-2014-8591 | SAP | Denial of Service vulnerability in SAP Netweaver 7.02/7.30 Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. | 5.0 |
2014-11-04 | CVE-2014-8589 | SAP | Numeric Errors vulnerability in SAP Network Interface Router 40.4 Integer overflow in SAP Network Interface Router (SAProuter) 40.4 allows remote attackers to cause a denial of service (resource consumption) via crafted requests. | 5.0 |
2014-11-04 | CVE-2014-8585 | Wpdownloadmanager | Link Following vulnerability in Wpdownloadmanager Wordpress Download Manager Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-11-04 | CVE-2014-4311 | Epicor | Information Exposure vulnerability in Epicor Enterprise Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page. | 5.0 |
2014-11-03 | CVE-2013-0336 | Redhat | Improper Input Validation vulnerability in Redhat Freeipa The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server. | 5.0 |
2014-11-03 | CVE-2012-6661 | Plone Zope | Cryptographic Issues vulnerability in multiple products Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. | 5.0 |
2014-11-03 | CVE-2014-8080 | Opensuse Canonical Ruby Lang Redhat | XML External Entity Denial of Service vulnerability in Ruby The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. | 5.0 |
2014-11-03 | CVE-2014-3712 | Katello | Resource Management Errors vulnerability in Katello Katello allows remote attackers to cause a denial of service (memory consumption) via the (1) mode parameter in the setup_utils function in content_search_controller.rb or (2) action parameter in the respond function in api/api_controller.rb in app/controllers/katello/, which is passed to the to_sym method. | 5.0 |
2014-11-07 | CVE-2014-8580 | Citrix | Permissions, Privileges, and Access Controls vulnerability in Citrix products Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors. | 4.9 |
2014-11-03 | CVE-2014-8494 | Estsoft | Permissions, Privileges, and Access Controls vulnerability in Estsoft Alupdate 8.5.1.0.0 ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file. | 4.6 |
2014-11-08 | CVE-2014-7818 | Rubyonrails Opensuse | Path Traversal vulnerability in multiple products Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via a /..%2F sequence. | 4.3 |
2014-11-08 | CVE-2014-6300 | Opensuse Phpmyadmin | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1 allows remote attackers to inject arbitrary web script or HTML, and consequently conduct a cross-site request forgery (CSRF) attack to create a root account, via a crafted URL, related to js/ajax.js. | 4.3 |
2014-11-07 | CVE-2014-6623 | Arubanetworks | Cross-Site Scripting vulnerability in Arubanetworks Clearpass Cross-site request forgery (CSRF) vulnerability in the Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to hijack the authentication of a logged in user via unspecified vectors. | 4.3 |
2014-11-07 | CVE-2014-6620 | Arubanetworks | Cross-Site Scripting vulnerability in Arubanetworks Clearpass Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-07 | CVE-2014-8672 | Rewardingyourself | Cross-Site Scripting vulnerability in Rewardingyourself Cross-site scripting (XSS) vulnerability in the RewardingYourself application for Android and BlackBerry OS allows remote attackers to inject arbitrary web script or HTML via a crafted QR code. | 4.3 |
2014-11-07 | CVE-2014-8671 | GWT Mobile Phonegap Showcase Project | Cross-Site Scripting vulnerability in GWT Mobile Phonegap Showcase Project GWT Mobile Phonegap Showcase 1.6 Cross-site scripting (XSS) vulnerability in the GWT Mobile PhoneGap Showcase application for Android allows remote attackers to inject arbitrary web script or HTML via a crafted Bluetooth Device Name field. | 4.3 |
2014-11-07 | CVE-2014-3438 | Symantec | Cross-Site Scripting vulnerability in Symantec Endpoint Protection Manager Multiple cross-site scripting (XSS) vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-06 | CVE-2014-5451 | Modx | Cross-Site Scripting vulnerability in Modx Revolution Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in MODX Revolution 2.3.1-pl and earlier allows remote attackers to inject arbitrary web script or HTML via the "a" parameter to manager/. | 4.3 |
2014-11-06 | CVE-2014-8667 | SAP | Cross-Site Scripting vulnerability in SAP Hana Web-Based Development Workbench Cross-site scripting (XSS) vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-06 | CVE-2014-8653 | Compal Broadband Networks | Cross-Site Scripting vulnerability in Compal Broadband Networks products Cross-site scripting (XSS) vulnerability in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to inject arbitrary web script or HTML via the userData cookie. | 4.3 |
2014-11-06 | CVE-2014-8508 | Denon | Cross-Site Scripting vulnerability in Denon Avr-3313Ci Cross-site scripting (XSS) vulnerability in s_network.asp in the Denon AVR-3313CI audio/video receiver allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to Friendlyname. | 4.3 |
2014-11-06 | CVE-2014-8352 | French National Commission ON Informatics AND Liberty | Cross-Site Scripting vulnerability in French National Commission ON Informatics and Liberty Cookieviz Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz allows remote web servers to inject arbitrary web script or HTML via the max_date parameter. | 4.3 |
2014-11-06 | CVE-2014-7958 | AIT PRO | Cross-site Scripting vulnerability in Ait-Pro Bulletproof Security Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dbhost parameter. | 4.3 |
2014-11-06 | CVE-2014-5257 | Formalms | Cross-Site Scripting vulnerability in Formalms Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php. | 4.3 |
2014-11-06 | CVE-2014-4664 | Wordfence Security Project | Cross-Site Scripting vulnerability in Wordfence Security Project Wordfence Security Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php. | 4.3 |
2014-11-05 | CVE-2014-5417 | Meinberg | Cross-Site Scripting vulnerability in Meinberg products Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmware on LANTIME M-Series devices 6.15.019 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-05 | CVE-2014-5408 | Nordex | Cross-Site Scripting vulnerability in Nordex Control 2 Scada Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2014-11-05 | CVE-2014-4834 | IBM | XML External Entity Denial of Service vulnerability in IBM WebSphere Commerce IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application crash) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 4.3 |
2014-11-05 | CVE-2014-4810 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Cognos Mobile 10.1.1/10.2.0/10.2.1 IBM Cognos Mobile 10.1.1 before FP3 IF1, 10.2.0 before FP2 IF1, and 10.2.1 before FP4 IF1 preserves a session between the Cognos Mobile server and the Cognos Business Intelligence server after a logoff action on a mobile device, which makes it easier for remote attackers to bypass intended Business Intelligence restrictions by leveraging access to authentication data that was captured before this logoff. | 4.3 |
2014-11-04 | CVE-2014-8471 | CA | Replay Security Bypass vulnerability in CA Cloud Service Management CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors. | 4.3 |
2014-11-04 | CVE-2014-8593 | Allomani | Cross-Site Scripting vulnerability in Allomani Weblinks 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Allomani Weblinks 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default URI to admin.php or the (2) id parameter to admin.php or (3) go.php. | 4.3 |
2014-11-04 | CVE-2014-8590 | SAP | XML External Entity Information Disclosure vulnerability in SAP NetWeaver AS Java XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request. | 4.3 |
2014-11-04 | CVE-2014-8584 | WEB Dorado | Cross-Site Scripting vulnerability in Web-Dorado Spider Video Player Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-08 | CVE-2014-6097 | IBM | Improper Input Validation vulnerability in IBM DB2 9.7/9.8 IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement. | 4.0 |
2014-11-07 | CVE-2014-8510 | Trendmicro | Improper Input Validation vulnerability in Trendmicro Interscan web Security Virtual Appliance The AdminUI in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) before 6.0 HF build 1244 allows remote authenticated users to read arbitrary files via vectors related to configuration input when saving filters. | 4.0 |
2014-11-07 | CVE-2014-7988 | Cisco | Information Exposure vulnerability in Cisco Unity Connection The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493. | 4.0 |
2014-11-06 | CVE-2014-5258 | Webedition | Path Traversal vulnerability in Webedition CMS 6.2.7.0/6.3.3.0/6.3.8.0 Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2014-11-06 | CVE-2014-8658 | Refinedwiki | Cross-Site Scripting vulnerability in Refinedwiki Original Theme Cross-site scripting (XSS) vulnerability in RefinedWiki Original Theme 3.x before 3.5.13 and 4.x before 4.0.12 for Confluence allows remote authenticated users with permissions to create or edit content to inject arbitrary web script or HTML via the versionComment parameter to pages/doeditpage.action. | 4.0 |
2014-11-05 | CVE-2014-4769 | IBM | XML External Entity Information Disclosure vulnerability in IBM WebSphere Commerce IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 4.0 |
8 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-08 | CVE-2014-6161 | IBM | Cross-Site Scripting vulnerability in IBM Tivoli Netcool/Impact 6.1.1 Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-11-08 | CVE-2014-6159 | IBM | Improper Input Validation vulnerability in IBM DB2 IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement. | 3.5 |
2014-11-05 | CVE-2014-8622 | Compfight Project | Cross-Site Scripting vulnerability in Compfight Project Compfight 1.4 Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the search-value parameter. | 3.5 |
2014-11-05 | CVE-2014-8326 | Phpmyadmin Opensuse | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.5, 4.1.x before 4.1.14.6, and 4.2.x before 4.2.10.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name, related to the libraries/DatabaseInterface.class.php code for SQL debug output and the js/server_status_monitor.js code for the server monitor page. | 3.5 |
2014-11-07 | CVE-2014-5038 | Eucalyptus | Information Exposure vulnerability in Eucalyptus Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. | 2.1 |
2014-11-07 | CVE-2014-5037 | Eucalyptus | Information Exposure vulnerability in Eucalyptus 4.0.0/4.0.1 Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log. | 2.1 |
2014-11-04 | CVE-2014-4974 | Eset | Information Exposure vulnerability in Eset Personal Firewall Ndis Filter 1183(20140214) The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls. | 2.1 |
2014-11-08 | CVE-2014-6146 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2.1/5.2.2/5.2.4 IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files. | 1.9 |