Weekly Vulnerabilities Reports > December 1 to 7, 2014
Overview
111 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 30 high severity vulnerabilities. This weekly summary report vulnerabilities in 126 products from 83 vendors including Zohocorp, Debian, Redhat, IBM, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Information Exposure", "Permissions, Privileges, and Access Controls", and "Path Traversal".
- 93 reported vulnerabilities are remotely exploitables.
- 12 reported vulnerabilities have public exploit available.
- 49 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 98 reported vulnerabilities are exploitable by an anonymous user.
- Zohocorp has the most reported vulnerabilities, with 8 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-05 | CVE-2014-8877 | Creative Minds | Code Injection vulnerability in Creative Minds CM Download Manager 2.0.0/2.0.1/2.0.2 The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function. | 10.0 |
2014-12-03 | CVE-2014-9134 | Huawei | Unspecified vulnerability in Huawei products Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors. | 10.0 |
2014-12-02 | CVE-2014-9183 | ZTE | Credentials Management vulnerability in ZTE Zxdsl 831Cii ZTE ZXDSL 831CII has a default password of admin for the admin account, which allows remote attackers to gain administrator privileges. | 10.0 |
2014-12-06 | CVE-2014-6140 | IBM | Cryptographic Issues vulnerability in IBM Tivoli Endpoint Manager Mobile Device Management 9.0 IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote attackers to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enrollment and Apple iOS Management Extender, (2) Self-service portal, (3) Trusted Services provider, or (4) Admin Portal. | 9.3 |
2014-12-06 | CVE-2014-4629 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Content Server 6.7/7.0/7.1 EMC Documentum Content Server 7.0, 7.1 before 7.1 P10, and 6.7 before SP2 P19 allows remote authenticated users to read or delete arbitrary files via unspecified vectors related to an insecure direct object reference. | 9.0 |
30 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-07 | CVE-2014-9303 | Entrypass | Information Exposure vulnerability in Entrypass N5200 Active Network Control Panel EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868. | 7.8 |
2014-12-07 | CVE-2014-8868 | Entrypass | Permissions, Privileges, and Access Controls vulnerability in Entrypass N5200 Active Network Control Panel EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote attackers to obtain the administrator username and password, and possibly other sensitive information, via a request to /4. | 7.8 |
2014-12-05 | CVE-2014-7256 | IIJ | Resource Management Errors vulnerability in IIJ products The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Internet Initiative Japan Inc. | 7.8 |
2014-12-07 | CVE-2014-9304 | Plex | Permissions, Privileges, and Access Controls vulnerability in Plex Media Server 0.9.9.2 Plex Media Server before 0.9.9.3 allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web server. | 7.5 |
2014-12-05 | CVE-2014-8990 | Debian Fedoraproject Lsyncd Project | Command Injection vulnerability in multiple products default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. | 7.5 |
2014-12-05 | CVE-2014-9215 | Pbboard | SQL Injection vulnerability in Pbboard 2.1.4/3.0.1 SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. | 7.5 |
2014-12-05 | CVE-2014-9144 | Technicolor | Command Injection vulnerability in Technicolor Td5130 Router Firmware 2.05.C29Gv Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). | 7.5 |
2014-12-05 | CVE-2014-3997 | Zohocorp | SQL Injection vulnerability in Zohocorp products SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition before 10.3.3 build 10330, and possibly other ManageEngine products, allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the sv parameter to MetadataServlet.dat. | 7.5 |
2014-12-05 | CVE-2014-3996 | Manageengine | SQL Injection vulnerability in Manageengine Desktop Central, It360 and Password Manager PRO SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition before 10.3.3 build 10330, and possibly other ManageEngine products, allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the sv parameter to LinkViewFetchServlet.dat. | 7.5 |
2014-12-04 | CVE-2014-7868 | Zohocorp | SQL Injection vulnerability in Zohocorp products Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) OPM_BVNAME parameter in a Delete operation to the APMBVHandler servlet or (2) query parameter in a compare operation to the DataComparisonServlet servlet. | 7.5 |
2014-12-04 | CVE-2014-7867 | Zohocorp | SQL Injection vulnerability in Zohocorp products SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the probeName parameter. | 7.5 |
2014-12-04 | CVE-2014-6035 | Zohocorp | Path Traversal vulnerability in Zohocorp Manageengine Opmanager 11.4 Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. | 7.5 |
2014-12-03 | CVE-2014-9242 | Websitebaker | SQL Injection vulnerability in Websitebaker 2.8.3 SQL injection vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | 7.5 |
2014-12-03 | CVE-2014-9240 | Mybb | SQL Injection vulnerability in Mybb 1.8.0/1.8.1 SQL injection vulnerability in member.php in MyBB (aka MyBulletinBoard) 1.8.x before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the question_id parameter in a do_register action. | 7.5 |
2014-12-03 | CVE-2014-9239 | Invisionpower Invisioncommunity | SQL Injection vulnerability in multiple products SQL injection vulnerability in the IPS Connect service (interface/ipsconnect/ipsconnect.php) in Invision Power Board (aka IPB or IP.Board) 3.3.x and 3.4.x through 3.4.7 before 20141114 allows remote attackers to execute arbitrary SQL commands via the id[] parameter. | 7.5 |
2014-12-03 | CVE-2014-9237 | Proticaret | SQL Injection vulnerability in Proticaret 3.0 SQL injection vulnerability in Proticaret E-Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via a tem:Code element in a SOAP request. | 7.5 |
2014-12-03 | CVE-2013-7416 | Canto | Command Injection vulnerability in Canto Curses 0.8.4/0.9.0 canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed. | 7.5 |
2014-12-03 | CVE-2014-9220 | Fedoraproject Openvas Opensuse | SQL Injection vulnerability in multiple products SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command. | 7.5 |
2014-12-02 | CVE-2014-9178 | Smartypantsplugins | SQL Injection vulnerability in Smartypantsplugins SP Project & Document Manager 2.4.1 Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin (sp-client-document-manager) 2.4.1 and earlier for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) vendor_email[] parameter in the email_vendor function or id parameter in the (2) download_project, (3) download_archive, or (4) remove_cat function. | 7.5 |
2014-12-02 | CVE-2014-9175 | Wpdatatables | SQL Injection vulnerability in Wpdatatables 1.5.3 SQL injection vulnerability in wpdatatables.php in the wpDataTables plugin 1.5.3 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the table_id parameter in a get_wdtable action to wp-admin/admin-ajax.php. | 7.5 |
2014-12-02 | CVE-2014-9173 | Google DOC Embedder Project | SQL Injection vulnerability in Google DOC Embedder Project Google DOC Embedder SQL injection vulnerability in view.php in the Google Doc Embedder plugin before 2.5.15 for WordPress allows remote attackers to execute arbitrary SQL commands via the gpid parameter. | 7.5 |
2014-12-02 | CVE-2014-8728 | Subex | SQL Injection vulnerability in Subex ROC Fraud Management System SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud Management System and FMS) 7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the ranger_user[name] parameter. | 7.5 |
2014-12-01 | CVE-2014-9152 | Services Project | Credentials Management vulnerability in Services Project Services The _user_resource_create function in the Services module 7.x-3.x before 7.x-3.10 for Drupal uses a password of 1 when creating new user accounts, which makes it easier for remote attackers to guess the password via a brute force attack. | 7.5 |
2014-12-01 | CVE-2014-9151 | Services Project | Improper Access Control vulnerability in Services Project Services 7.X3.9 The Services module 7.x-3.x before 7.x-3.10 for Drupal does not properly limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password. | 7.5 |
2014-12-06 | CVE-2014-8651 | KDE | Permissions, Privileges, and Access Controls vulnerability in KDE Kde-Workspace and Plasma-Desktop The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument. | 7.2 |
2014-12-05 | CVE-2014-7253 | Fujitsu | OS Command Injection vulnerability in Fujitsu products FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors. | 7.2 |
2014-12-05 | CVE-2014-2273 | Huawei | Permissions, Privileges, and Access Controls vulnerability in Huawei P2-6011 Firmware V100R001C00B042 The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 allows local users to read and write to arbitrary memory locations via unspecified vectors. | 7.2 |
2014-12-03 | CVE-2014-9141 | Thomsonreuters | Permissions, Privileges, and Access Controls vulnerability in Thomsonreuters Fixed Assets CS The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier uses weak permissions for connectbgdl.exe, which allows local users to execute arbitrary code by modifying this program. | 7.2 |
2014-12-02 | CVE-2014-9113 | Cchgroup | Permissions, Privileges, and Access Controls vulnerability in Cchgroup Prosystem FX Engagement CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and earlier uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktopService, (3) PFXSYNPFTService, and (4) P2EWinService service files in PFX Engagement\, which allows local users to obtain LocalSystem privileges via a Trojan horse file. | 7.2 |
2014-12-02 | CVE-2014-5284 | Ossec | Permissions, Privileges, and Access Controls vulnerability in Ossec host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed. | 7.2 |
68 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-02 | CVE-2014-3065 | IBM | Code Injection vulnerability in IBM Java Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache. | 6.9 |
2014-12-07 | CVE-2014-9300 | Alfresco | Cross-Site Request Forgery (CSRF) vulnerability in Alfresco 4.2.F/5.0.A Cross-site request forgery (CSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition before 5.0.a allows remote attackers to hijack the authentication of users for requests that access unauthorized URLs and obtain user credentials via a URL in the url parameter. | 6.8 |
2014-12-03 | CVE-2014-8773 | Modx | Cross-Site Request Forgery (CSRF) vulnerability in Modx Revolution MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism by (1) omitting the CSRF token or via a (2) long string in the CSRF token parameter. | 6.8 |
2014-12-03 | CVE-2014-8771 | X3Cms | Cross-Site Request Forgery (CSRF) vulnerability in X3Cms X3 CMS 0.5.1/0.5.1.1 Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors. | 6.8 |
2014-12-03 | CVE-2014-8104 | Mageia Debian Opensuse Openvpn Canonical | Resource Management Errors vulnerability in multiple products OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet. | 6.8 |
2014-12-03 | CVE-2014-9235 | Zoph | SQL Injection vulnerability in Zoph Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) _action parameter to group.php or (2) user.php or the (3) location_id parameter to photos.php in php/. | 6.5 |
2014-12-02 | CVE-2014-8789 | Gleamtech | Improper Input Validation vulnerability in Gleamtech Filevista GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction. | 6.5 |
2014-12-07 | CVE-2014-9301 | Alfresco | Remote Security vulnerability in Alfresco 4.2.F Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter. | 6.4 |
2014-12-04 | CVE-2014-6036 | Zohocorp | Path Traversal vulnerability in Zohocorp products Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or remote authenticated users to delete arbitrary files via a .. | 6.4 |
2014-12-02 | CVE-2014-3068 | IBM | Credentials Management vulnerability in IBM Java IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack. | 6.4 |
2014-12-02 | CVE-2014-8791 | Enalean | Code Injection vulnerability in Enalean Tuleap 7.6 project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via the data parameter. | 6.0 |
2014-12-05 | CVE-2014-9292 | Jrss Widget Project | Remote Security vulnerability in Jrss Widget Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via the url parameter. | 5.8 |
2014-12-02 | CVE-2014-8754 | AD Manager Project | Unspecified vulnerability in Ad-Manager Project Ad-Manager 1.1.2 Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the out parameter. | 5.8 |
2014-12-01 | CVE-2014-5268 | Fasttoggle Project | Permissions, Privileges, and Access Controls vulnerability in Fasttoggle Project Fasttoggle 7.X1.3/7.X1.4 The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote attackers to block or unblock an account via a crafted user status link. | 5.8 |
2014-12-07 | CVE-2014-9302 | Alfresco | Remote Security vulnerability in Community Edition Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter. | 5.0 |
2014-12-06 | CVE-2014-9117 | Mantisbt | Improper Access Control vulnerability in Mantisbt MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote attackers to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key parameter value, as demonstrated by E4652 for the public_key value 0. | 5.0 |
2014-12-06 | CVE-2014-5429 | Elipse | Resource Management Errors vulnerability in Elipse E3, Power and Scada DNP Master Driver 3.02 and earlier in Elipse SCADA 2.29 build 141 and earlier, E3 1.0 through 4.6, and Elipse Power 1.0 through 4.6 allows remote attackers to cause a denial of service (CPU consumption) via malformed packets. | 5.0 |
2014-12-05 | CVE-2014-7259 | Square Enix CO LTD | Information Exposure vulnerability in Square Enix CO LTD Kaku SAN SEI Million Aruthur SQUARE ENIX Co., Ltd. | 5.0 |
2014-12-05 | CVE-2014-7255 | IIJ | Resource Exhaustion vulnerability in IIJ products Internet Initiative Japan Inc. | 5.0 |
2014-12-05 | CVE-2014-7243 | LG | Information Exposure vulnerability in LG L-03E, L-04D and L-09C LG Electronics Mobile WiFi router L-09C, L-03E, and L-04D does not restrict access to the web administration interface, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2014-12-05 | CVE-2014-9140 | Redhat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Tcpdump Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. | 5.0 |
2014-12-05 | CVE-2014-8123 | Antiword Project | Buffer Errors vulnerability in Antiword Project Antiword 0.37 Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document. | 5.0 |
2014-12-04 | CVE-2014-6034 | Zohocorp | Path Traversal vulnerability in Zohocorp products Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine OpManager 8.8 through 11.3, Social IT Plus 11.0, and IT360 10.4 and earlier allows remote attackers or remote authenticated users to write to and execute arbitrary WAR files via a .. | 5.0 |
2014-12-04 | CVE-2014-5446 | Zohocorp | Path Traversal vulnerability in Zohocorp Manageengine It360 and Manageengine Netflow Analyzer Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. | 5.0 |
2014-12-04 | CVE-2014-5445 | Zohocorp | Path Traversal vulnerability in Zohocorp Manageengine It360 and Manageengine Netflow Analyzer Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet. | 5.0 |
2014-12-03 | CVE-2014-9238 | D Link | Path Traversal vulnerability in D-Link Dcs-2103 HD Cube Network Camera Firmware 1.0.0 D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers to obtain the installation path via the file parameter to cgi-bin/sddownload.cgi, as demonstrated by a / (forward slash) character. | 5.0 |
2014-12-03 | CVE-2014-9234 | D Link | Path Traversal vulnerability in D-Link Dcs-2103 HD Cube Network Camera Firmware 1.0.0 Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-12-03 | CVE-2014-9018 | Icecast | Information Exposure vulnerability in Icecast Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors. | 5.0 |
2014-12-03 | CVE-2014-8775 | Modx | Information Exposure vulnerability in Modx Revolution MODX Revolution 2.x before 2.2.15 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 5.0 |
2014-12-02 | CVE-2014-9184 | ZTE | Improper Authentication vulnerability in ZTE Zxdsl 831Cii ZTE ZXDSL 831CII allows remote attackers to bypass authentication via a direct request to (1) main.cgi, (2) adminpasswd.cgi, (3) userpasswd.cgi, (4) upload.cgi, (5) conprocess.cgi, or (6) connect.cgi. | 5.0 |
2014-12-02 | CVE-2014-9181 | Plex | Path Traversal vulnerability in Plex Media Server 0.9.9.2 Multiple directory traversal vulnerabilities in Plex Media Server before 0.9.9.3 allow remote attackers to read arbitrary files via a .. | 5.0 |
2014-12-02 | CVE-2014-9180 | Eleanor CMS | Unspecified vulnerability in Eleanor-Cms Eleanor CMS Open redirect vulnerability in go.php in Eleanor CMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the QUERY_STRING. | 5.0 |
2014-12-02 | CVE-2014-9177 | Svnlabs | Information Exposure vulnerability in Svnlabs Html5 MP3 Player With Playlist Free 2.6 The HTML5 MP3 Player with Playlist Free plugin before 2.7 for WordPress allows remote attackers to obtain the installation path via a request to html5plus/playlist.php. | 5.0 |
2014-12-02 | CVE-2014-9116 | Suse Mutt Debian Mageia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function. | 5.0 |
2014-12-02 | CVE-2014-9112 | GNU Debian | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. | 5.0 |
2014-12-02 | CVE-2014-8874 | Kennziffer | Information Exposure vulnerability in Kennziffer KE Questionnaire The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request. | 5.0 |
2014-12-02 | CVE-2014-3703 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Packstack 2012.2.1 OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions. | 5.0 |
2014-12-01 | CVE-2014-9050 | Clamav | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clamav Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file. | 5.0 |
2014-12-01 | CVE-2014-8749 | AIT PRO | Unspecified vulnerability in Ait-Pro Bulletproof Security Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter. | 5.0 |
2014-12-01 | CVE-2014-7816 | Redhat Microsoft | Path Traversal vulnerability in Redhat Undertow Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-12-01 | CVE-2014-2233 | Infoware | Cross-Site Request Forgery vulnerability in MapSuite MapAPI Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to trigger requests to intranet servers via unspecified vectors. | 5.0 |
2014-12-01 | CVE-2014-2232 | Infoware | Pathname Traversal and Equivalence Errors vulnerability in Infoware Mapsuite Absolute path traversal vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2014-12-01 | CVE-2014-8867 | Redhat XEN Debian Opensuse | Code vulnerability in multiple products The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors. | 4.9 |
2014-12-01 | CVE-2014-8866 | Debian XEN Opensuse | Code vulnerability in multiple products The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of registers while in 64-bit mode. | 4.7 |
2014-12-05 | CVE-2014-7254 | Fujitsu | Local Information Disclosure vulnerability in ARROWS Me F-11D Unspecified vulnerability in ARROWS Me F-11D allows physically proximate attackers to read or modify flash memory via unknown vectors. | 4.6 |
2014-12-05 | CVE-2014-7252 | Disney Interactive Fujitsu Sharp LG | Multiple Security vulnerability in OMAP Mobile Processors Syslink Driver Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation." | 4.6 |
2014-12-05 | CVE-2014-7258 | Kent WEB | Cross-Site Scripting vulnerability in Kent-Web Clip Board 2.91 Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-12-05 | CVE-2014-9212 | Altitude | Cross-Site Scripting vulnerability in Altitude Unified Customer Interaction 7.5 Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent in Altitude uCI (Unified Customer Interaction) 7.5 allow remote attackers to inject arbitrary web script or HTML via (1) an email hyperlink or the (2) style parameter in the image attribute section. | 4.3 |
2014-12-05 | CVE-2014-9143 | Technicolor | Code vulnerability in Technicolor Td5130 Router Firmware 2.05.C29Gv Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter. | 4.3 |
2014-12-05 | CVE-2014-9142 | Technicolor | Cross-Site Scripting vulnerability in Technicolor Td5130 Router Firmware 2.05.C29Gv Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter. | 4.3 |
2014-12-05 | CVE-2014-8800 | Nextendweb | Cross-Site Scripting vulnerability in Nextendweb Nextend Facebook Connect 1.5.0 Cross-site scripting (XSS) vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fb_login_button parameter in a newfb_update_options action. | 4.3 |
2014-12-03 | CVE-2014-9243 | Websitebaker | Cross-Site Scripting vulnerability in Websitebaker 2.8.3 Multiple cross-site scripting (XSS) vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to wb/admin/admintools/tool.php or (2) section_id parameter to edit_module_files.php, (3) news/add_post.php, (4) news/modify_group.php, (5) news/modify_post.php, or (6) news/modify_settings.php in wb/modules/. | 4.3 |
2014-12-03 | CVE-2014-9241 | Mybb | Cross-Site Scripting vulnerability in Mybb 1.8.0/1.8.1 Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.8.x before 1.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to report.php, (2) signature parameter in a do_editsig action to usercp.php, or (3) title parameter in the style-templates module in an edit_template action or (4) file parameter in the config-languages module in an edit action to admin/index.php. | 4.3 |
2014-12-03 | CVE-2014-9236 | Zoph | Cross-Site Scripting vulnerability in Zoph Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) photographer_id or (2) _crumb parameter. | 4.3 |
2014-12-03 | CVE-2014-8774 | Modx | Cross-Site Scripting vulnerability in Modx Revolution Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x before 2.2.15 allows remote attackers to inject arbitrary web script or HTML via the context_key parameter. | 4.3 |
2014-12-03 | CVE-2014-3988 | Sunhater | Cross-Site Scripting vulnerability in Sunhater Kcfinder Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name of an uploaded file. | 4.3 |
2014-12-02 | CVE-2014-9182 | Anchorcms | Cross-Site Scripting vulnerability in Anchorcms Anchor CMS 0.9.1 models/comment.php in Anchor CMS 0.9.2 and earlier allows remote attackers to inject arbitrary headers into mail messages via a crafted Host: header. | 4.3 |
2014-12-02 | CVE-2014-9176 | Instasqueeze | Cross-Site Scripting vulnerability in Instasqueeze Sexy Squeeze Pages Cross-site scripting (XSS) vulnerability in the InstaSqueeze Sexy Squeeze Pages plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to lp/index.php. | 4.3 |
2014-12-02 | CVE-2014-9174 | Yoast | Cross-Site Scripting vulnerability in Yoast Google Analytics 5.1/5.1.1 Cross-site scripting (XSS) vulnerability in the Google Analytics by Yoast (google-analytics-for-wordpress) plugin before 5.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "Manually enter your UA code" (manual_ua_code_field) field in the General Settings. | 4.3 |
2014-12-01 | CVE-2014-9153 | Services Project | Cross-Site Scripting vulnerability in Services Project Services 7.X3.9 Cross-site scripting (XSS) vulnerability in the Services module 7.x-3.x before 7.x-3.10 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the callback parameter in a JSONP response. | 4.3 |
2014-12-01 | CVE-2014-7291 | Springshare | Cross-Site Scripting vulnerability in Springshare Libcal 2.0 Multiple cross-site scripting (XSS) vulnerabilities in api_events.php in Springshare LibCal 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) m or (2) cid parameter. | 4.3 |
2014-12-01 | CVE-2014-5237 | Open Xchange | Cross-Site Request Forgery vulnerability in Open-Xchange APP Suite 7.4.2/7.6.0 Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview. | 4.3 |
2014-12-06 | CVE-2014-9278 | Openbsd Redhat | Improper Authentication vulnerability in Openbsd Openssh The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. | 4.0 |
2014-12-02 | CVE-2014-9179 | Supportezzy Ticket System Project | Cross-Site Scripting vulnerability in Supportezzy Ticket System Project Supportezzy Ticket System 1.2.5 Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket. | 4.0 |
2014-12-02 | CVE-2014-8788 | Gleamtech | Information Exposure vulnerability in Gleamtech Filevista GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message. | 4.0 |
2014-12-01 | CVE-2014-9156 | Filefield Project | Information Exposure vulnerability in Filefield Project Filefield 6.X3.12 The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not properly check permissions to view files, which allows remote authenticated users with permission to create or edit content to read private files by attaching an uploaded file. | 4.0 |
2014-12-01 | CVE-2014-9155 | Avatar Uploader Project | Path Traversal vulnerability in Avatar Uploader Project Avatar Uploader Directory traversal vulnerability in the Avatar Uploader module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta6 for Drupal allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2014-12-01 | CVE-2014-9154 | Notify Project | Information Exposure vulnerability in Notify Project Notify 7.X1.0 The Notify module 7.x-1.x before 7.x-1.1 for Drupal does not properly restrict access to (1) new or (2) modified nodes or (3) their fields, which allows remote authenticated users to obtain node titles, teasers, and fields by reading a notification email. | 4.0 |
8 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-03 | CVE-2014-8772 | X3Cms | Cross-Site Scripting vulnerability in X3Cms X3 CMS 0.5.1/0.5.1.1 Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter. | 3.5 |
2014-12-06 | CVE-2014-7251 | Yokogawa | Improper Input Validation vulnerability in Yokogawa Fast/Tools XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors. | 3.2 |
2014-12-06 | CVE-2014-3099 | IBM | Security vulnerability in IBM Systems Director Unspecified vulnerability in the Security component in IBM Systems Director 6.3.0 through 6.3.5 allows local users to obtain sensitive information via unknown vectors. | 2.1 |
2014-12-05 | CVE-2014-4703 | Nagios | Link Following vulnerability in Nagios 2.0.2 lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. | 2.1 |
2014-12-05 | CVE-2014-4702 | Nagios | Information Exposure vulnerability in Nagios 2.0.1 The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701. | 2.1 |
2014-12-05 | CVE-2014-4701 | Nagios | Information Exposure vulnerability in Nagios 2.0.1 The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702. | 2.1 |
2014-12-02 | CVE-2013-6494 | Fedup Project Fedoraproject | Code vulnerability in Fedup Project Fedup 0.9.0 fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a static name for its download cache, which allows local users to cause a denial of service (prevention of system updates). | 2.1 |
2014-12-01 | CVE-2013-6497 | Clamav | Code vulnerability in Clamav clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file. | 2.1 |