Weekly Vulnerabilities Reports > November 17 to 23, 2014
Overview
97 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary reports vulnerabilities in 95 products from 59 vendors including Apple, IBM, Arubanetworks, Opensuse, and Redhat. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Information Exposure", "SQL Injection", and "Path Traversal".
- 84 reported vulnerabilities are remotely exploitable.
- 19 reported vulnerabilities have a public exploit available.
- 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 75 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 14 reported vulnerabilities.
- Arubanetworks has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-20 | CVE-2014-9002 | Lantronix | Permissions, Privileges, and Access Controls vulnerability in Lantronix Xprintserver Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action. | 10.0 |
2014-11-19 | CVE-2014-6626 | Arubanetworks | Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and execute administrative actions via unknown vectors. | 10.0 |
2014-11-19 | CVE-2014-5342 | Arubanetworks | Unspecified vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-6627. | 10.0 |
2014-11-18 | CVE-2014-4461 | Apple | Improper Input Validation vulnerability in Apple Iphone OS, mac OS X and Tvos The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application. | 9.3 |
2014-11-20 | CVE-2014-8387 | Advantech | OS Command Injection vulnerability in Advantech Eki-6340 and Eki-6340 Firmware cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi. | 9.0 |
2014-11-19 | CVE-2014-6627 | Arubanetworks | Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342. | 9.0 |
2014-11-19 | CVE-2014-6625 | Arubanetworks | Improper Access Control vulnerability in Arubanetworks Clearpass The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to gain privileges via unspecified vectors. | 9.0 |
2014-11-19 | CVE-2013-3678 | SAP | Security vulnerability in SAP GRC Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP-RFC request. | 9.0 |
13 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-18 | CVE-2014-6324 | Microsoft | Unspecified vulnerability in Microsoft products The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability." | 8.8 |
2014-11-21 | CVE-2014-8682 | Gogits | SQL Injection vulnerability in Gogits Gogs Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go. | 7.5 |
2014-11-21 | CVE-2014-8681 | Gogits | SQL Injection vulnerability in Gogits Gogs SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues. | 7.5 |
2014-11-20 | CVE-2014-9024 | Protected Pages Project | Permissions, Privileges, and Access Controls vulnerability in Protected Pages Project Protected Pages 7.X1.0/7.X2.0/7.X2.2 The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path. | 7.5 |
2014-11-20 | CVE-2014-9005 | VLD Interactive | SQL Injection vulnerability in VLD Interactive Vldpersonals Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote attackers to execute arbitrary SQL commands via the (1) country, (2) gender1, or (3) gender2 parameter in a search action to index.php. | 7.5 |
2014-11-20 | CVE-2014-8997 | Digitalvidhya | Code Injection vulnerability in Digitalvidhya Digi Online Examination System 2.0 Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/. | 7.5 |
2014-11-18 | CVE-2014-7146 | Mantisbt | Improper Input Validation vulnerability in Mantisbt 1.2.17 The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier. | 7.5 |
2014-11-18 | CVE-2014-4457 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled. | 7.5 |
2014-11-17 | CVE-2014-8596 | PHP Fusion | SQL Injection vulnerability in PHP-Fusion 7.02.07 Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/submissions.php or (2) status parameter to files/administration/members.php. | 7.5 |
2014-11-17 | CVE-2014-8517 | Apple Netbsd | Command Injection vulnerability in multiple products The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect. | 7.5 |
2014-11-21 | CVE-2014-8388 | Advantech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | 7.2 |
2014-11-20 | CVE-2014-2382 | Faronics | Resource Management Errors vulnerability in Faronics Deep Freeze The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function. | 7.2 |
2014-11-18 | CVE-2014-4451 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of guesses. | 7.2 |
68 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-23 | CVE-2014-6477 | Oracle | Information Exposure vulnerability in Oracle Database Server Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6547. | 6.8 |
2014-11-21 | CVE-2014-5395 | Huawei | Cross-Site Request Forgery (CSRF) vulnerability in Huawei products Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users for requests that (1) modify configurations, (2) send SMS messages, or have other unspecified impact via unknown vectors. | 6.8 |
2014-11-20 | CVE-2014-9027 | Zteusa | Cross-Site Request Forgery (CSRF) vulnerability in Zteusa Zxdsl 831Cii Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that disable modem lan ports via the (1) enblftp, (2) enblhttp, (3) enblsnmp, (4) enbltelnet, (5) enbltftp, (6) enblicmp, or (7) enblssh parameter to accesslocal.cmd. | 6.8 |
2014-11-20 | CVE-2014-9019 | ZTE | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxdsl 831Cii Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin user name or (2) conduct cross-site scripting (XSS) attacks via the sysUserName parameter in a save action to adminpasswd.cgi or (3) change the admin user password via the sysPassword parameter in a save action to adminpasswd.cgi. | 6.8 |
2014-11-20 | CVE-2014-9003 | Lantronix | Cross-Site Request Forgery (CSRF) vulnerability in Lantronix Xprintserver Cross-site request forgery (CSRF) vulnerability in Lantronix xPrintServer allows remote attackers to hijack the authentication of administrators for requests that modify configuration, as demonstrated by executing arbitrary commands using the c parameter in the rpc action. | 6.8 |
2014-11-19 | CVE-2014-6624 | Arubanetworks | Information Exposure vulnerability in Arubanetworks Clearpass The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.8 |
2014-11-18 | CVE-2014-7996 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Computing System Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477. | 6.8 |
2014-11-18 | CVE-2014-4459 | Apple | Memory Corruption vulnerability in WebKit Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. | 6.8 |
2014-11-17 | CVE-2014-8953 | Phpscriptlerim | Cross-Site Request Forgery (CSRF) vulnerability in PHPscriptlerim PHP Scriptlerim Who'S WHO Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators for requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a request to (2) ayarsave.php, (3) uyesave.php, (4) slaytadd.php, or (5) slaytsave.php. | 6.8 |
2014-11-21 | CVE-2014-7871 | Open Xchange | SQL Injection vulnerability in Open-Xchange Appsuite SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call. | 6.5 |
2014-11-21 | CVE-2014-7137 | Dolibarr | SQL Injection vulnerability in Dolibarr Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4) lineid parameter in a deletecontact action, (5) ligne parameter in a swapstatut action, or (6) ref parameter to projet/contact.php; (7) id parameter to compta/bank/fiche.php, (8) contact/info.php, (9) holiday/index.php, (10) product/stock/fiche.php, (11) product/stock/info.php, or (12) in an edit action to product/stock/fiche.php; (13) productid parameter in an addline action to product/stock/massstockmove.php; (14) project_ref parameter to projet/tasks/note.php; (15) ref parameter to element.php, (16) ganttview.php, (17) note.php, or (18) tasks.php in projet/; (19) sall or (20) sref parameter to comm/mailing/liste.php; (21) search_bon, (22) search_ligne, (23) search_societe, or (24) search_code parameter to compta/prelevement/liste.php; (25) search_label parameter to compta/sociales/index.php; (26) search_project parameter to projet/tasks/index.php; (27) search_societe parameter to compta/prelevement/demandes.php; (28) search_statut parameter to user/index.php; (29) socid parameter to compta/recap-compta.php, (30) societe/commerciaux.php, or (31) societe/rib.php; (32) sortorder, (33) sref, (34) sall, or (35) sortfield parameter to product/stock/liste.php; (36) statut parameter to adherents/liste.php or (37) compta/dons/liste.php; (38) tobuy or (39) tosell parameter to product/liste.php; (40) tobuy, (41) tosell, (42) search_categ, or (43) sref parameter to product/reassort.php; (44) type parameter to product/index.php; or the (a) sortorder or (b) sortfield parameter to (45) compta/paiement/cheque/liste.php, (46) compta/prelevement/bons.php, (47) compta/prelevement/rejets.php, (48) product/stats/commande.php, (49) product/stats/commande_fournisseur.php, (50) product/stats/contrat.php, (51) product/stats/facture.php, (52) product/stats/facture_fournisseur.php, (53) product/stats/propal.php, or (54) product/stock/replenishorders.php. | 6.5 |
2014-11-20 | CVE-2014-9001 | Incrediblepbx | Code Injection vulnerability in Incrediblepbx Incredible PBX 11 2.0.6.5.0 reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) APPTMIN, (2) APPTHR, (3) APPTDA, (4) APPTMO, (5) APPTYR, or (6) APPTPHONE parameters. | 6.5 |
2014-11-20 | CVE-2014-9000 | Mulesoft | Permissions, Privileges, and Access Controls vulnerability in Mulesoft Mule Enterprise Management Console Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. | 6.5 |
2014-11-20 | CVE-2014-8999 | Xoops | SQL Injection vulnerability in Xoops 2.5.6 SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final allows remote authenticated users to execute arbitrary SQL commands via the selgroups parameter. | 6.5 |
2014-11-20 | CVE-2014-8998 | X7Chat | Code Injection vulnerability in X7Chat X7 Chat lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a crafted HTTP header to index.php, which is processed by the preg_replace function with the eval switch. | 6.5 |
2014-11-17 | CVE-2014-8499 | Manageengine | SQL Injection vulnerability in Manageengine Password Manager PRO Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdvancedALSearchResult.cc or (2) AdvancedSearchResult.cc. | 6.5 |
2014-11-17 | CVE-2014-8498 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Password Manager PRO SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter. | 6.5 |
2014-11-21 | CVE-2014-7194 | Tibco | Permissions, Privileges, and Access Controls vulnerability in Tibco products TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access. | 6.4 |
2014-11-20 | CVE-2014-9022 | WEB Component Roles Project | Permissions, Privileges, and Access Controls vulnerability in web Component Roles Project web Component Roles The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x before 7.x-1.8 for Drupal allows remote attackers to bypass the "disabled" restriction and modify read-only components via a crafted form. | 6.4 |
2014-11-20 | CVE-2014-8769 | Redhat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Tcpdump tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. | 6.4 |
2014-11-18 | CVE-2014-8598 | Mantisbt | Data Processing Errors vulnerability in Mantisbt The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via the export page. | 6.4 |
2014-11-17 | CVE-2014-8727 | F5 | Path Traversal vulnerability in F5 Big-Ip Local Traffic Manager Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. | 6.2 |
2014-11-18 | CVE-2014-4462 | Apple | Resource Management Errors vulnerability in Apple Iphone OS and Tvos WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. | 5.8 |
2014-11-20 | CVE-2014-9023 | Twilio Project | Permissions, Privileges, and Access Controls vulnerability in Twilio Project Twilio The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not properly restrict access to the Twilio administration pages, which allows remote authenticated users to read and modify authentication tokens by leveraging the "access administration pages" Drupal permission. | 5.5 |
2014-11-19 | CVE-2014-8594 | Opensuse Debian XEN | Improper Input Validation vulnerability in multiple products The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP). | 5.4 |
2014-11-18 | CVE-2014-4452 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. | 5.4 |
2014-11-21 | CVE-2014-8090 | Ruby Lang | Incomplete Fix XML External Entity Denial of Service vulnerability in Ruby The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. | 5.0 |
2014-11-21 | CVE-2014-8000 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCur63497. | 5.0 |
2014-11-20 | CVE-2014-9025 | Commerceguys | Information Exposure vulnerability in Commerceguys Commerce 7.X1.0/7.X1.1 The default checkout completion rule in the commerce_order module in the Drupal Commerce module 7.x-1.x before 7.x-1.10 for Drupal uses the email address as the username for new accounts created at checkout, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2014-11-20 | CVE-2014-8768 | Opensuse Canonical Oracle Redhat | Integer Underflow (Wrap OR Wraparound) vulnerability in multiple products Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | 5.0 |
2014-11-20 | CVE-2014-8767 | Redhat Opensuse | Numeric Errors vulnerability in Redhat Tcpdump Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. | 5.0 |
2014-11-20 | CVE-2014-8493 | ZTE | Permissions, Privileges, and Access Controls vulnerability in ZTE Zxhn H108L Firmware 4.0.0Dzrqgr4 ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1. | 5.0 |
2014-11-20 | CVE-2014-3625 | Vmware Pivotal Software | Path Traversal vulnerability in multiple products Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling. | 5.0 |
2014-11-20 | CVE-2014-9006 | Monstra | Credentials Management vulnerability in Monstra Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values. | 5.0 |
2014-11-20 | CVE-2014-8995 | Maarch | SQL Injection vulnerability in Maarch Letterbox 2.8 SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie. | 5.0 |
2014-11-19 | CVE-2014-6622 | Arubanetworks | Information Exposure vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to determine the validity of filenames via unspecified vectors. | 5.0 |
2014-11-19 | CVE-2014-6621 | Arubanetworks | Information Exposure vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote attackers to obtain version numbers, module configuration, and other sensitive information by reading the page. | 5.0 |
2014-11-18 | CVE-2014-7829 | Opensuse Rubyonrails | Path Traversal vulnerability in multiple products Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818. | 5.0 |
2014-11-18 | CVE-2014-3620 | Haxx Apple | Cryptographic Issues vulnerability in multiple products cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. | 5.0 |
2014-11-18 | CVE-2014-3613 | Haxx Apple | Cryptographic Issues vulnerability in multiple products cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. | 5.0 |
2014-11-18 | CVE-2014-4458 | Apple | Information Exposure vulnerability in Apple mac OS X The "System Profiler About This Mac" component in Apple OS X before 10.10.1 includes extraneous cookie data in system-model requests, which might allow remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2014-11-18 | CVE-2014-4453 | Apple | Information Exposure vulnerability in Apple Iphone OS and mac OS X Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2014-11-18 | CVE-2014-7992 | Cisco | Information Exposure vulnerability in Cisco IOS The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014. | 5.0 |
2014-11-18 | CVE-2014-6098 | IBM | Credentials Management vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to discover cleartext passwords via a crafted request. | 5.0 |
2014-11-18 | CVE-2014-6095 | IBM | Path Traversal vulnerability in IBM Security Identity Manager Directory traversal vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2014-11-21 | CVE-2014-8683 | Gogits | Cross-Site Scripting vulnerability in Gogits Gogs Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown. | 4.3 |
2014-11-21 | CVE-2014-8539 | Simple Email Form Project | Cross-Site Scripting vulnerability in Simple Email Form Project Simple Email Form 1.8.5 Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the mod_simpleemailform_field2_1 parameter to index.php. | 4.3 |
2014-11-21 | CVE-2014-8469 | Moxi9 | Cross-Site Scripting vulnerability in Moxi9 PHPfox Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header. | 4.3 |
2014-11-20 | CVE-2014-9021 | Zteusa | Cross-Site Scripting vulnerability in Zteusa Zxdsl 831 Multiple cross-site scripting (XSS) vulnerabilities in ZTE ZXDSL 831 allow remote attackers to inject arbitrary web script or HTML via the (1) tr69cAcsURL, (2) tr69cAcsUser, (3) tr69cAcsPwd, (4) tr69cConnReqPwd, or (5) tr69cDebugEnable parameter to the TR-069 client page (tr69cfg.cgi); the (6) timezone parameter to the Time and date page (sntpcfg.sntp); or the (7) hostname parameter in a save action to the Quick Stats page (psilan.cgi). | 4.3 |
2014-11-20 | CVE-2014-9020 | ZTE | Cross-Site Scripting vulnerability in ZTE Zxdsl 831 and Zxdsl 831Cii Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi) in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. | 4.3 |
2014-11-20 | CVE-2014-9004 | VLD Interactive | Cross-Site Scripting vulnerability in VLD Interactive Vldpersonals Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a member_profile action to index.php. | 4.3 |
2014-11-20 | CVE-2014-8996 | Nibbleblog | Cross-Site Scripting vulnerability in Nibbleblog 4.0.1 Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) author_name or (2) content parameter to index.php. | 4.3 |
2014-11-19 | CVE-2014-8629 | Pandorafms | Cross-Site Scripting vulnerability in Pandorafms Pandora Flexible Monitoring System Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to index.php. | 4.3 |
2014-11-19 | CVE-2014-7290 | Atlas Systems | Cross-Site Scripting vulnerability in Atlas Systems Aeon 3.5/3.6 Multiple cross-site scripting (XSS) vulnerabilities in Atlas Systems Aeon 3.5 and 3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) Action or (2) Form parameter to aeon.dll. | 4.3 |
2014-11-18 | CVE-2014-8475 | Freebsd | Code vulnerability in Freebsd 10.0/9.1/9.2 FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed. | 4.3 |
2014-11-18 | CVE-2014-6107 | IBM | Information Exposure vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session. | 4.3 |
2014-11-18 | CVE-2014-6105 | IBM | Improper Input Validation vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2014-11-18 | CVE-2014-6096 | IBM | Cross-Site Scripting vulnerability in IBM Security Identity Manager Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-11-17 | CVE-2012-6665 | Phpmoneybooks | Path Traversal vulnerability in PHPmoneybooks 1.0.4 Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. | 4.3 |
2014-11-17 | CVE-2012-1669 | Phpmoneybooks | Path Traversal vulnerability in PHPmoneybooks 1.0.2 Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. | 4.3 |
2014-11-17 | CVE-2014-8955 | Megnicholas | Cross-Site Scripting vulnerability in Megnicholas Clean and Simple Contact Form 4.4.0 Cross-site scripting (XSS) vulnerability in the Contact Form Clean and Simple (clean-and-simple-contact-form-by-meg-nicholas) plugin 4.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the cscf[name] parameter to contact-us/. | 4.3 |
2014-11-17 | CVE-2014-8954 | Codecanyon | Cross-Site Scripting vulnerability in Codecanyon PHPsound 1.0.5 Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3) filter parameter in an explore action to index.php. | 4.3 |
2014-11-17 | CVE-2014-8732 | Phpmemcachedadmin Project | Cross-Site Scripting vulnerability in PHPmemcachedadmin Project PHPmemcachedadmin 1.2.2 Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-17 | CVE-2014-3629 | Apache | Data Processing Errors vulnerability in Apache Qpid 0.30 XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message. | 4.3 |
2014-11-23 | CVE-2014-6183 | IBM | Resource Management Errors vulnerability in IBM products IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors. | 4.0 |
2014-11-23 | CVE-2014-4807 | IBM | Resource Management Errors vulnerability in IBM Sterling Selling and Fulfillment Foundation Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character. | 4.0 |
2014-11-21 | CVE-2014-7195 | Tibco | Information Exposure vulnerability in Tibco products Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.0 |
2014-11-20 | CVE-2014-9026 | Ubercart | Permissions, Privileges, and Access Controls vulnerability in Ubercart The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not properly protect the per-user order history view, which allows remote authenticated users with the "view own orders" permission to obtain sensitive information via unspecified vectors. | 4.0 |
8 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-19 | CVE-2014-7828 | Freeipa | Permissions, Privileges, and Access Controls vulnerability in Freeipa FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind. | 3.5 |
2014-11-18 | CVE-2014-4817 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename. | 2.1 |
2014-11-18 | CVE-2014-4463 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature. | 2.1 |
2014-11-18 | CVE-2014-4460 | Apple | Information Exposure vulnerability in Apple Iphone OS and Mac OS X CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files. | 2.1 |
2014-11-18 | CVE-2014-4455 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS and Tvos dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file. | 2.1 |
2014-11-18 | CVE-2014-6110 | IBM | Improper Access Control vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions, which allows remote attackers to access sessions by leveraging an unattended workstation. | 2.1 |
2014-11-17 | CVE-2014-0059 | Redhat | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive information by reading this file. | 2.1 |
2014-11-19 | CVE-2014-8595 | Debian XEN Opensuse | Code vulnerability in multiple products arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction. | 1.9 |