Weekly Vulnerabilities Reports > November 24 to 30, 2014
Overview
102 new vulnerabilities were reported during this period, including 9 critical and 16 high-severity vulnerabilities. This weekly summary reports vulnerabilities in 84 products from 56 vendors, including Moodle, Debian, Digium, Wordpress, and IBM. The most common weakness categories are "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", "Information Exposure", and "Cross-Site Request Forgery (CSRF)".
- 97 reported vulnerabilities are remotely exploitable.
- 3 reported vulnerabilities have a public exploit available.
- 33 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 77 reported vulnerabilities are exploitable by an anonymous user.
- Moodle has the most reported vulnerabilities, with 15.
- Adobe has the most reported critical vulnerabilities, with 1.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
9 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-28 | CVE-2014-8423 | Arris | Injection vulnerability in Arris Vap2500 Firmware 08.41 Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors. | 10.0 |
2014-11-26 | CVE-2014-8551 | Siemens | Code Injection vulnerability in Siemens products The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. | 10.0 |
2014-11-26 | CVE-2014-7247 | Justsystems | Data Processing Errors vulnerability in Justsystems Ichitaro and Ichitaro PRO Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file. | 10.0 |
2014-11-25 | CVE-2014-8439 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors. | 10.0 |
2014-11-28 | CVE-2014-7178 | Enalean | Improper Input Validation vulnerability in Enalean Tuleap Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function. | 9.3 |
2014-11-25 | CVE-2014-8420 | Sonicwall | Improper Input Validation vulnerability in Sonicwall Analyzer, Global Management System and UMA Em5000 The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors. | 9.0 |
2014-11-25 | CVE-2014-8368 | Arubanetworks | Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Airwave The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors. | 9.0 |
2014-11-24 | CVE-2014-8418 | Digium | Permissions, Privileges, and Access Controls vulnerability in Digium Asterisk and Certified Asterisk The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol. | 9.0 |
2014-11-24 | CVE-2014-5314 | Cybozu | Buffer Errors vulnerability in Cybozu Dezie, Mailwise and Office Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages. | 9.0 |
16 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-28 | CVE-2014-8425 | Arris | Information Exposure vulnerability in Arris Vap2500 Firmware 08.41 The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files. | 7.8 |
2014-11-28 | CVE-2014-8424 | Arris | Improper Authentication vulnerability in Arris Vap2500 Firmware 08.41 ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication. | 7.8 |
2014-11-25 | CVE-2014-8678 | Manageengine | Information Exposure vulnerability in Manageengine Oputils 7.0 The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile." | 7.8 |
2014-11-28 | CVE-2014-9089 | Debian Mantisbt | SQL Injection vulnerability in multiple products Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php. | 7.5 |
2014-11-26 | CVE-2014-9097 | Apptha | SQL Injection vulnerability in Apptha Contus Video Gallery 2.5 Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to execute arbitrary SQL commands via the vid parameter in a myextract action to wp-admin/admin-ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the playlistId parameter in the newplaylist page or (3) videoId parameter in a newvideo page to wp-admin/admin.php. | 7.5 |
2014-11-26 | CVE-2014-9096 | Pligg | SQL Injection vulnerability in Pligg CMS Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) n parameter. | 7.5 |
2014-11-26 | CVE-2014-9095 | Raritan | SQL Injection vulnerability in Raritan Power IQ 4.1.0/4.2.1 Multiple SQL injection vulnerabilities in Raritan Power IQ 4.1.0 and 4.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to license/records. | 7.5 |
2014-11-26 | CVE-2014-9093 | Libreoffice Fedoraproject Canonical Debian | Improper Input Validation vulnerability in multiple products LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | 7.5 |
2014-11-25 | CVE-2014-8002 | Cisco | Buffer Errors vulnerability in Cisco Openh264 1.2.0 Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file. | 7.5 |
2014-11-25 | CVE-2014-8001 | Cisco | Buffer Errors vulnerability in Cisco Openh264 1.2.0 Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file. | 7.5 |
2014-11-25 | CVE-2014-8367 | Arubanetworks | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-11-24 | CVE-2014-8413 | Digium | Permissions, Privileges, and Access Controls vulnerability in Digium Asterisk The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules. | 7.5 |
2014-11-24 | CVE-2014-7845 | Moodle | Credentials Management vulnerability in Moodle The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack. | 7.5 |
2014-11-26 | CVE-2014-8419 | Wibu | Permissions, Privileges, and Access Controls vulnerability in Wibu Codemeter Runtime 5.10C Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file. | 7.2 |
2014-11-25 | CVE-2014-1421 | Canonical | Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux 14.10 mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors. | 7.2 |
2014-11-24 | CVE-2014-9030 | XEN Debian Opensuse | Improper Input Validation vulnerability in multiple products The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. | 7.1 |
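Two rows in the table above (MantisBT, CVE-2014-9089, and Raritan Power IQ, CVE-2014-9095) share the same pattern: SQL injection through `sort` and `dir` parameters that end up in an ORDER BY clause. This class matters because an ORDER BY target is an identifier, not a value, so it cannot be bound with a query placeholder; the fix is an allowlist. The example below is added here for illustration and is not code from MantisBT, Raritan, or any product in this report. It uses an in-memory SQLite database with constructed tables and rows, shows how a string-built ORDER BY becomes a boolean oracle that leaks data through row order alone, and contrasts it with an allowlisted version.

```python
"""Illustrative example (not any vendor's code): ORDER BY injection via
sort/dir parameters, and the allowlist that closes it."""
import sqlite3

# Constructed sample schema: a "bug" table the user may sort, and a table
# the user must never be able to read. Data is made up for this example.
_SCHEMA = """
CREATE TABLE bug (id INTEGER PRIMARY KEY, summary TEXT, priority INTEGER);
INSERT INTO bug VALUES (1, 'crash on start', 30), (2, 'typo in help', 10),
                       (3, 'slow search', 20);
CREATE TABLE user_secret (id INTEGER PRIMARY KEY, password_hash TEXT);
INSERT INTO user_secret VALUES (1, 'hash-for-admin');
"""


def _connect():
    conn = sqlite3.connect(":memory:")
    conn.executescript(_SCHEMA)
    return conn


def list_bugs_vulnerable(sort, direction):
    """Concatenates request parameters straight into ORDER BY.
    Placeholders cannot help here: identifiers are not bindable values."""
    sql = f"SELECT id, summary FROM bug ORDER BY {sort} {direction}"
    return _connect().execute(sql).fetchall()


def blind_oracle(condition_sql):
    """Turns the vulnerable sort into a yes/no oracle: when the attacker's
    condition is true the rows come back ordered by id, otherwise by -id.
    No error message or data column is needed; the order is the leak."""
    rows = list_bugs_vulnerable(
        f"CASE WHEN ({condition_sql}) THEN id ELSE -id END", "ASC")
    return [r[0] for r in rows] == [1, 2, 3]


# Hardened version: map the untrusted parameter to a fixed identifier.
ALLOWED_SORT = {"id": "id", "summary": "summary", "priority": "priority"}
ALLOWED_DIR = {"asc": "ASC", "desc": "DESC"}


def list_bugs_hardened(sort, direction):
    """Only allowlisted column names and directions reach the SQL text."""
    try:
        col = ALLOWED_SORT[sort]
        dirn = ALLOWED_DIR[direction.lower()]
    except KeyError:
        raise ValueError("invalid sort or dir parameter") from None
    sql = f"SELECT id, summary FROM bug ORDER BY {col} {dirn}"
    return _connect().execute(sql).fetchall()


def hardened_rejects(sort, direction):
    """True if the hardened endpoint refuses the given parameters."""
    try:
        list_bugs_hardened(sort, direction)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    probe = "(SELECT substr(password_hash, 1, 1) FROM user_secret) = 'h'"
    print("first char of secret is 'h':", blind_oracle(probe))
    print("hardened rejects payload:",
          hardened_rejects("CASE WHEN 1 THEN id ELSE -id END", "ASC"))
```

Repeating the probe over each character position and candidate byte recovers the whole secret from nothing but row order, which is why "it only controls sorting" is not a mitigating factor for this finding class. The allowlist also rejects a `dir` value that is anything other than ASC or DESC.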
68 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-28 | CVE-2014-8429 | Xavoc | Cross-Site Request Forgery (CSRF) vulnerability in Xavoc Xepan CMS 1.0.1/1.0.4/1.0.4.1 Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page. | 6.8 |
2014-11-28 | CVE-2014-4829 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM products Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 6.8 |
2014-11-26 | CVE-2014-9104 | Openvpn | Cross-Site Request Forgery (CSRF) vulnerability in Openvpn Access Server 1.5.6 Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) disconnect established VPN sessions, (2) connect to arbitrary VPN servers, or (3) create VPN profiles and execute arbitrary commands via crafted API requests. | 6.8 |
2014-11-26 | CVE-2014-9101 | Skalfa Oxwall | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly have other unspecified impact via the (1) label parameter to admin/users/roles/, (2) lang[1][base][questions_account_type_5615100a931845eca8da20cfdf7327e0] in an AddAccountType action or (3) qst_name parameter in an addQuestion action to admin/questions/ajax-responder/, or (4) form_name or (5) restrictedUsername parameter to admin/restricted-usernames. | 6.8 |
2014-11-26 | CVE-2014-9099 | Whydowork Adsense Project | Cross-Site Request Forgery (CSRF) vulnerability in Whydowork Adsense Project Whydowork Adsense 1.2 Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the whydowork_adsense page in wp-admin/options-general.php. | 6.8 |
2014-11-25 | CVE-2014-9037 | Mageia Project Wordpress Debian | Cryptographic Issues vulnerability in multiple products WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash. | 6.8 |
2014-11-25 | CVE-2014-9033 | Wordpress | Cross-Site Request Forgery (CSRF) vulnerability in Wordpress Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to hijack the authentication of arbitrary users for requests that reset passwords. | 6.8 |
2014-11-24 | CVE-2014-9015 | Drupal Debian | Permissions, Privileges, and Access Controls vulnerability in multiple products Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions. | 6.8 |
2014-11-24 | CVE-2014-7838 | Moodle | Cross-Site Request Forgery (CSRF) vulnerability in Moodle Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for requests that set a tracking preference within (1) mod/forum/deprecatedlib.php, (2) mod/forum/forum.js, (3) mod/forum/index.php, or (4) mod/forum/lib.php. | 6.8 |
2014-11-24 | CVE-2014-7836 | Moodle | Cross-Site Request Forgery (CSRF) vulnerability in Moodle Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a (1) mod/lti/request_tool.php or (2) mod/lti/instructor_edit_tool_type.php request. | 6.8 |
2014-11-30 | CVE-2014-8959 | Opensuse Phpmyadmin | Path Traversal vulnerability in multiple products Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter. | 6.5 |
2014-11-26 | CVE-2014-9102 | Kunena | SQL Injection vulnerability in Kunena Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, as demonstrated by the topics[] parameter in an unfavorite action to index.php. | 6.5 |
2014-11-25 | CVE-2014-8558 | Jexperts | Permissions, Privileges, and Access Controls vulnerability in Jexperts Channel Platform 5.0.33Ccb JExperts Channel Platform 5.0.33_CCB allows remote authenticated users to bypass access restrictions via crafted action and key parameters. | 6.5 |
2014-11-24 | CVE-2014-8417 | Digium | Permissions, Privileges, and Access Controls vulnerability in Digium Asterisk and Certified Asterisk ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action. | 6.5 |
2014-11-30 | CVE-2014-9150 | Adobe Microsoft | Race Condition vulnerability in Adobe Acrobat and Acrobat Reader Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. | 6.4 |
2014-11-26 | CVE-2014-7142 | Oracle Canonical Squid Cache | Improper Input Validation vulnerability in multiple products The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size. | 6.4 |
2014-11-26 | CVE-2014-7141 | Squid Cache | Data Processing Errors vulnerability in Squid-Cache Squid The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet. | 6.4 |
2014-11-25 | CVE-2014-9038 | Wordpress | Improper Input Validation vulnerability in Wordpress wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource. | 6.4 |
2014-11-25 | CVE-2014-7839 | Redhat | Improper Input Validation vulnerability in Redhat Resteasy 2.3.7/3.0.9 DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors. | 6.4 |
2014-11-24 | CVE-2014-1424 | Ubuntu Canonical | Permissions, Privileges, and Access Controls vulnerability in multiple products apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw." | 6.4 |
2014-11-24 | CVE-2010-5312 | Debian Jqueryui Fedoraproject Netapp Apache Drupal | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. | 6.1 |
2014-11-28 | CVE-2014-4831 | IBM | Improper Authentication vulnerability in IBM Qradar Risk Manager and Qradar vulnerability Manager IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors. | 5.8 |
2014-11-24 | CVE-2014-7837 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to remove wiki pages by leveraging delete access within a different subwiki. | 5.5 |
2014-11-28 | CVE-2014-8801 | Strangerstudios | Path Traversal vulnerability in Strangerstudios Paid Memberships PRO Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-11-28 | CVE-2014-8799 | Dukapress | Path Traversal vulnerability in Dukapress Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-11-28 | CVE-2014-6075 | IBM | Information Exposure vulnerability in IBM products IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, place credentials in URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 5.0 |
2014-11-28 | CVE-2014-3407 | Cisco | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. | 5.0 |
2014-11-27 | CVE-2014-5426 | Matrikonopc | Code vulnerability in Matrikonopc Dnp3 OPC Server 1.2.3 MatrikonOPC OPC Server for DNP3 1.2.3 and earlier allows remote attackers to cause a denial of service (unhandled exception and DNP3 process crash) via a crafted message. | 5.0 |
2014-11-26 | CVE-2014-2037 | Xelerance | Improper Input Validation vulnerability in Xelerance Openswan 2.6.40 Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. | 5.0 |
2014-11-26 | CVE-2014-8552 | Siemens | Information Exposure vulnerability in Siemens products The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. | 5.0 |
2014-11-26 | CVE-2014-8005 | Cisco | Race Condition vulnerability in Cisco IOS XR Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239. | 5.0 |
2014-11-25 | CVE-2014-9034 | Wordpress | Data Processing Errors vulnerability in Wordpress wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016. | 5.0 |
2014-11-25 | CVE-2014-8004 | Cisco | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | 5.0 |
2014-11-24 | CVE-2014-9016 | Drupal Secure Password Hashes Project Debian | The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request. | 5.0 |
2014-11-24 | CVE-2014-8416 | Digium | Improper Input Validation vulnerability in Digium Asterisk Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1, when using the res_pjsip_refer module, allows remote attackers to cause a denial of service (crash) via an in-dialog INVITE with Replaces message, which triggers the channel to be hung up. | 5.0 |
2014-11-24 | CVE-2014-8415 | Digium | Improper Input Validation vulnerability in Digium Asterisk Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing. | 5.0 |
2014-11-24 | CVE-2014-8414 | Digium | Resource Management Errors vulnerability in Digium Asterisk and Certified Asterisk ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from hung up to waiting for media. | 5.0 |
2014-11-24 | CVE-2014-8412 | Digium | Permissions, Privileges, and Access Controls vulnerability in Digium Asterisk and Certified Asterisk The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager Interface (AMI) in Asterisk Open Source 1.8.x before 1.8.32.1, 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8.28 before 1.8.28-cert3 and 11.6 before 11.6-cert8 allows remote attackers to bypass the ACL restrictions via a packet with a source IP that does not share the address family as the first ACL entry. | 5.0 |
2014-11-24 | CVE-2014-9060 | Moodle | Improper Input Validation vulnerability in Moodle The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php and mod/lti/return.php. | 5.0 |
2014-11-24 | CVE-2014-7848 | Moodle | Information Exposure vulnerability in Moodle lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. | 5.0 |
2014-11-24 | CVE-2014-7847 | Moodle | Resource Management Errors vulnerability in Moodle iplookup/index.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote attackers to cause a denial of service (resource consumption) by triggering the calculation of an estimated latitude and longitude for an IP address. | 5.0 |
2014-11-24 | CVE-2014-5325 | Directwebremoting | Information Exposure vulnerability in Directwebremoting Direct web Remoting 2.0.10/3.0 The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrary files via DOM data containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.0 |
2014-11-30 | CVE-2014-8989 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c. | 4.6 |
2014-11-30 | CVE-2014-8958 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page. | 4.3 |
2014-11-28 | CVE-2014-7850 | Freeipa | Cross-Site Scripting vulnerability in Freeipa Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation. | 4.3 |
2014-11-28 | CVE-2014-4883 | Lwip Project | Insufficient Verification of Data Authenticity vulnerability in Lwip Project Lwip 1.4.1 resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets. | 4.3 |
2014-11-28 | CVE-2014-4832 | IBM | Information Exposure vulnerability in IBM products IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session. | 4.3 |
2014-11-26 | CVE-2014-9103 | Kunena | Cross-Site Scripting vulnerability in Kunena Multiple cross-site scripting (XSS) vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) index value of an array parameter or the filename parameter in the Content-Disposition header to the (2) file or (3) profile image upload functionality. | 4.3 |
2014-11-26 | CVE-2014-9100 | Whydowork Adsense Project | Cross-Site Scripting vulnerability in Whydowork Adsense Project Whydowork Adsense 1.2 Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the idcode parameter in the whydowork_adsense page to wp-admin/options-general.php. | 4.3 |
2014-11-26 | CVE-2014-9094 | Digitalzoomstudio | Cross-Site Scripting vulnerability in Digitalzoomstudio Video Gallery Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter. | 4.3 |
2014-11-26 | CVE-2014-6196 | IBM | Cross-Site Scripting vulnerability in IBM web Experience Factory Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory (WEF) 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF), allows remote attackers to inject arbitrary web script or HTML by leveraging a Dojo builder error in an unspecified WebSphere Portal configuration, leading to improper construction of a response page by an application. | 4.3 |
2014-11-25 | CVE-2014-9039 | Debian Mageia Project Wordpress | 7PK - Security Features vulnerability in multiple products wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message. | 4.3 |
2014-11-25 | CVE-2014-9036 | Wordpress Debian | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets (CSS) token sequence in a post. | 4.3 |
2014-11-25 | CVE-2014-9035 | Wordpress Debian | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-25 | CVE-2014-9032 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-25 | CVE-2014-9031 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post. | 4.3 |
2014-11-24 | CVE-2012-6662 | Redhat Jqueryui | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo. | 4.3 |
2014-11-24 | CVE-2014-9059 | Moodle | Cross-Site Scripting vulnerability in Moodle lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts. | 4.3 |
2014-11-24 | CVE-2014-5326 | Directwebremoting | Cross-Site Scripting vulnerability in Directwebremoting Direct web Remoting 2.0.10/3.0 Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-11-30 | CVE-2014-8961 | Phpmyadmin Opensuse | Path Traversal vulnerability in multiple products Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter. | 4.0 |
2014-11-26 | CVE-2014-6610 | Digium | Data Processing Errors vulnerability in Digium Asterisk and Certified Asterisk Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dialplan application. | 4.0 |
2014-11-26 | CVE-2014-6609 | Digium | Improper Input Validation vulnerability in Digium Asterisk The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package. | 4.0 |
2014-11-24 | CVE-2014-8988 | Mantisbt | Permissions, Privileges, and Access Controls vulnerability in Mantisbt 1.2.17 MantisBT before 1.2.18 allows remote authenticated users to bypass the $g_download_attachments_threshold and $g_view_attachments_threshold restrictions and read attachments for private projects by leveraging access to a project that does not restrict access to attachments and a request to the download URL. | 4.0 |
2014-11-24 | CVE-2014-7846 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle tag/tag_autocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request. | 4.0 |
2014-11-24 | CVE-2014-7834 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service. | 4.0 |
2014-11-24 | CVE-2014-7833 | Moodle | Information Exposure vulnerability in Moodle mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher. | 4.0 |
2014-11-24 | CVE-2014-7832 | Moodle | Permissions, Privileges, and Access Controls vulnerability in Moodle mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by viewing an activity instance. | 4.0 |
2014-11-24 | CVE-2014-7831 | Moodle | Information Exposure vulnerability in Moodle lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service. | 4.0 |
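The Moodle charset entry above (CVE-2014-9059) is worth seeing in bytes. The following is an added example, not Moodle's code and not part of the advisory: it builds a UTF-7 shift sequence by hand, shows that an escaper working on the bytes it is given (Python's html.escape, standing in for any server-side sanitizer) passes the sequence untouched because it contains no markup characters, and that a client which decodes a charset-less response as UTF-7 recovers a live script tag. The payload and the Content-Type values are constructed; the last function is the check to run against your own responses.

```python
"""UTF-7 XSS when a response declares no charset (see CVE-2014-9059 above).
Added example, not Moodle code. Payload and header values are constructed."""
import base64
import codecs
import html
import re

# RFC 2152 "set D": characters UTF-7 always sends literally. Everything else,
# including the < > & " that sanitizers look for, can travel inside a +...- run.
SET_D = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'(),-./:?")


def utf7_shift(text: str) -> str:
    """Hand-rolled UTF-7 encoder that base64-wraps every character outside
    set D, which is exactly how an attacker hides markup from a byte filter."""
    out, run = [], []

    def flush() -> None:
        if run:
            raw = "".join(run).encode("utf-16-be")
            out.append("+" + base64.b64encode(raw).decode("ascii").rstrip("=") + "-")
            run.clear()

    for ch in text:
        if ch == "+":                      # a literal plus is spelled "+-"
            flush()
            out.append("+-")
        elif ch in SET_D or ch == " ":
            flush()
            out.append(ch)
        else:
            run.append(ch)
    flush()
    return "".join(out)


def escaped_then_sniffed(payload: str) -> str:
    """Server side: escape what is visible (nothing is, so nothing changes).
    Client side: a consumer that guesses UTF-7 for the charset-less response
    decodes the runs back into the original markup."""
    wire = html.escape(utf7_shift(payload))
    return codecs.decode(wire.encode("ascii"), "utf-7")


def content_type_declares_charset(value: str) -> bool:
    """The fix is a declared charset on every text response; check for one."""
    return re.search(r";\s*charset\s*=\s*[\w-]+", value, re.IGNORECASE) is not None


if __name__ == "__main__":
    payload = "<script>alert(1)</script>"                         # constructed sample
    print(utf7_shift(payload))             # +ADw-script+AD4-alert(1)+ADw-/script+AD4-
    print(escaped_then_sniffed(payload))   # <script>alert(1)</script>
    print(content_type_declares_charset("text/html"))                  # False
    print(content_type_declares_charset("text/html; charset=utf-8"))   # True
```

Mainstream browsers dropped UTF-7 decoding years ago, so this exact payload no longer fires in them; the defect the row describes is the general one, though: whenever the consumer has to guess the encoding, the sanitizer and the client can disagree about which bytes are markup, and the only robust fix is to state the charset on every text response rather than to filter harder.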
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-11-28 | CVE-2014-8994 | Check Diskio Project | Source Code vulnerability in Check Diskio Project Check Diskio 3.2.5: The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*). | 3.6 |
2014-11-30 | CVE-2014-8960 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPmyadmin: Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename. | 3.5 |
2014-11-26 | CVE-2014-9098 | Apptha | Cross-Site Scripting vulnerability in Apptha Contus Video Gallery 2.5: Multiple cross-site scripting (XSS) vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly before 2014-07-23, for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the videoadssearchQuery parameter to (1) videoads/videoads.php, (2) video/video.php, or (3) playlist/playlist.php. | 3.5 |
2014-11-26 | CVE-2014-6093 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Portal 7.0.0.0/7.0.0.1/8.0.0.0: Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-11-24 | CVE-2014-8349 | Liferay | Cross-Site Scripting vulnerability in Liferay Portal 6.2: Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the _20_body parameter in the comment field in an uploaded file. | 3.5 |
2014-11-24 | CVE-2014-8986 | Mantisbt | Cross-Site Scripting vulnerability in Mantisbt: Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via a crafted config option, a different vulnerability than CVE-2014-8987. | 3.5 |
2014-11-24 | CVE-2014-7830 | Moodle | Cross-Site Scripting vulnerability in Moodle: Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse capability to provide a searchcourse parameter. | 3.5 |
2014-11-24 | CVE-2014-8991 | Pypa Oracle | pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. | 2.1 |
2014-11-24 | CVE-2014-7835 | Moodle | Cross-Site Scripting vulnerability in Moodle: webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area. | 2.1 |
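Two rows in this table, check_diskio (CVE-2014-8994) and pip (CVE-2014-8991), share one root cause: a shared world-writable directory plus a file name anyone can predict. The following is an added example, not code from either project. It stages the attack in a throwaway directory that stands in for /tmp, using a constructed name in the check_diskio_status-*-* pattern, and contrasts the naive open() with an open that refuses a pre-existing or linked path, and with an OS-chosen unpredictable name.

```python
"""Symlink attack on a predictably named temp file (CVE-2014-8994 and
CVE-2014-8991 above share this root cause). Added example, not project code;
it runs in a throwaway directory standing in for /tmp."""
import os
import shutil
import tempfile

# O_NOFOLLOW is POSIX-only; fall back to plain O_EXCL elsewhere.
_NOFOLLOW = getattr(os, "O_NOFOLLOW", 0)


def unsafe_write_status(path: str, data: str) -> None:
    """The vulnerable pattern: open(path, "w") follows a symlink, so a link
    planted at the predictable name redirects the write to the link target."""
    with open(path, "w") as fh:
        fh.write(data)


def safe_write_status(path: str, data: str) -> None:
    """Hardened at the same path: create-or-fail (O_EXCL), never follow a
    link (O_NOFOLLOW), owner-only mode. A planted path raises instead."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL | _NOFOLLOW, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def unpredictable_status_file(directory: str, prefix: str, data: str) -> str:
    """Better: let the OS pick an unguessable name (mkstemp uses O_EXCL too),
    so nobody can pre-plant it and nobody can squat on it to make us fail."""
    fd, path = tempfile.mkstemp(prefix=prefix, dir=directory)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path


def demo() -> dict:
    """Stage the attack and report what each variant did."""
    tmp = tempfile.mkdtemp()                                  # stands in for /tmp
    try:
        victim = os.path.join(tmp, "victim.conf")             # file the attacker wants clobbered
        with open(victim, "w") as fh:
            fh.write("original\n")
        # Attacker step: plant a link at the name the plugin is known to use
        # (constructed name following the check_diskio_status-*-* pattern).
        planted = os.path.join(tmp, "check_diskio_status-sda-1")
        os.symlink(victim, planted)

        unsafe_write_status(planted, "attacker-controlled\n")  # lands in victim.conf
        with open(victim) as fh:
            clobbered = fh.read() == "attacker-controlled\n"

        refused = False
        try:
            safe_write_status(planted, "status\n")
        except OSError:                                       # EEXIST (or ELOOP) on the planted link
            refused = True

        fresh = unpredictable_status_file(tmp, "check_diskio_status-", "status\n")
        unpredictable = (os.path.dirname(fresh) == tmp
                         and os.path.basename(fresh).startswith("check_diskio_status-")
                         and not os.path.islink(fresh))
        return {"unsafe_clobbered": clobbered,
                "safe_refused": refused,
                "unpredictable_name": unpredictable}
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    print(demo())
```

The pip row shows the other half of the problem: with O_EXCL the planted path is refused rather than followed, which is safe, but for a name every user shares a refusal is exactly the denial of service that entry describes. Only an unpredictable name (mkstemp/mkdtemp) or a per-user directory removes both the write redirection and the squatting.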