Weekly Vulnerabilities Reports > December 15 to 21, 2014
Overview
133 new vulnerabilities reported during this period, including 9 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary report vulnerabilities in 148 products from 70 vendors including IBM, Zenoss, Ettercap Project, Canonical, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Cross-Site Request Forgery (CSRF)", "Information Exposure", "Permissions, Privileges, and Access Controls", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 126 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities have public exploit available.
- 33 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 107 reported vulnerabilities are exploitable by an anonymous user.
- IBM has the most reported vulnerabilities, with 25 reported vulnerabilities.
- SAP has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
9 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-19 | CVE-2014-7249 | Alliedtelesis | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Alliedtelesis products Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request. | 10.0 |
2014-12-18 | CVE-2014-9406 | Arris | Credentials Management vulnerability in Arris Touchstone Tg862G/Ct Firmware 7.6.59S.Ct ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to home_loggedout.php. | 10.0 |
2014-12-17 | CVE-2014-9387 | SAP | Permissions, Privileges, and Access Controls vulnerability in SAP Businessobjects 4.1 SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905. | 10.0 |
2014-12-16 | CVE-2014-9373 | Manageengine | Path Traversal vulnerability in Manageengine Netflow Analyzer Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. | 10.0 |
2014-12-16 | CVE-2014-9371 | Zohocorp | Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central 9.0 The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object. | 10.0 |
2014-12-16 | CVE-2014-4936 | Malwarebytes | Insufficient Verification of Data Authenticity vulnerability in Malwarebytes products The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. | 9.3 |
2014-12-15 | CVE-2014-6261 | Zenoss | Code Injection vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 does not properly implement the Check For Updates feature, which allows remote attackers to execute arbitrary code by (1) spoofing the callhome server or (2) deploying a crafted web site that is visited during a login session, aka ZEN-12657. | 9.3 |
2014-12-20 | CVE-2014-9193 | Innominate | Permissions, Privileges, and Access Controls vulnerability in Innominate Mguard Firmware Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting. | 9.0 |
2014-12-17 | CVE-2014-4626 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Content Server EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job object and setting this object's owner to a privileged user or placing a rename action in a dm_job_request object and waiting for a (2) dm_UserRename or (3) dm_GroupRename service task, aka ESA-2014-105. | 9.0 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-17 | CVE-2014-9322 | Linux Redhat Canonical Opensuse Suse | Improper Privilege Management vulnerability in multiple products arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. | 7.8 |
2014-12-16 | CVE-2014-5359 | Safenet INC | Path Traversal vulnerability in Safenet-Inc Safenet Authentication Service Outlook web Access Agent 1.03.20212 Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. | 7.8 |
2014-12-20 | CVE-2014-9295 | NTP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. | 7.5 |
2014-12-20 | CVE-2014-9294 | NTP | Unspecified vulnerability in NTP util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. | 7.5 |
2014-12-20 | CVE-2014-9293 | NTP | Unspecified vulnerability in NTP The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. | 7.5 |
2014-12-19 | CVE-2014-9379 | Ettercap Project | Buffer Errors vulnerability in Ettercap-Project Ettercap 0.8.1 The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow. | 7.5 |
2014-12-19 | CVE-2014-9378 | Ettercap Project | Improper Input Validation vulnerability in Ettercap-Project Ettercap 0.8.1 Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the dissector_imap function in dissectors/ec_imap.c. | 7.5 |
2014-12-19 | CVE-2014-9377 | Ettercap Project | Buffer Errors vulnerability in Ettercap-Project Ettercap 0.8.1 Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet. | 7.5 |
2014-12-19 | CVE-2014-9376 | Ettercap Project | Denial of Service vulnerability in Ettercap-Project Ettercap 0.8.1 Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c. | 7.5 |
2014-12-19 | CVE-2014-6396 | Ettercap Project | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ettercap-Project Ettercap The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location. | 7.5 |
2014-12-19 | CVE-2014-6395 | Ettercap Project | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ettercap-Project Ettercap Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password. | 7.5 |
2014-12-16 | CVE-2014-9057 | Debian Sixapart | SQL Injection vulnerability in multiple products SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-12-16 | CVE-2014-8340 | Zoneo Soft | SQL Injection vulnerability in Zoneo-Soft PHPtraffica 2.2.1 SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header. | 7.5 |
2014-12-15 | CVE-2014-9249 | Zenoss | Permissions, Privileges, and Access Controls vulnerability in Zenoss Core The default configuration of Zenoss Core before 5 allows remote attackers to read or modify database information by connecting to unspecified open ports, aka ZEN-15408. | 7.5 |
2014-12-15 | CVE-2014-8507 | SQL Injection vulnerability in Google Android Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135. | 7.5 | |
2014-12-15 | CVE-2014-6256 | Zenoss | Permissions, Privileges, and Access Controls vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 allows remote attackers to bypass intended access restrictions and place files in a directory with public (1) read or (2) execute access via a move action, aka ZEN-15386. | 7.5 |
2014-12-15 | CVE-2014-6052 | Libvncserver Oracle Debian Canonical | Improper Input Validation vulnerability in multiple products The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message. | 7.5 |
2014-12-15 | CVE-2014-1569 | Mozilla | Security Bypass vulnerability in Mozilla Network Security Services The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00. | 7.5 |
2014-12-19 | CVE-2014-7208 | Gparted | Command Injection vulnerability in Gparted GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label. | 7.2 |
2014-12-15 | CVE-2014-8609 | Permissions, Privileges, and Access Controls vulnerability in Google Android The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category information via a third-party authenticator in a crafted application, aka Bug 17356824. | 7.2 |
95 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-16 | CVE-2014-8583 | Modwsgi | 7PK - Security Features vulnerability in Modwsgi MOD Wsgi mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. | 6.9 |
2014-12-19 | CVE-2014-9407 | Revive Adserver | Cross-Site Request Forgery (CSRF) vulnerability in Revive-Adserver Revive Adserver Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink accounts via a request to admin-user-unlink.php. | 6.8 |
2014-12-19 | CVE-2014-9368 | Twitterdash Project | Cross-Site Request Forgery (CSRF) vulnerability in Twitterdash Project Twitterdash Cross-site request forgery (CSRF) vulnerability in the twitterDash plugin 2.1 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the username_twitterDash parameter in the twitterDash.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9341 | Yurl Retwitt Project | Cross-Site Request Forgery (CSRF) vulnerability in Yurl Retwitt Project Yurl Retwitt 1.4 Multiple cross-site request forgery (CSRF) vulnerabilities in the yURL ReTwitt plugin 1.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) yurl_login or (2) yurl_anchor parameter in the yurl page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9340 | Wpcommenttwit Project | Cross-Site Request Forgery (CSRF) vulnerability in Wpcommenttwit Project Wpcommenttwit 0.5 Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCommentTwit plugin 0.5 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) username or (2) password parameter in the wpCommentTwit.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9339 | Jayde Online | Cross-Site Request Forgery (CSRF) vulnerability in Jayde Online Spnbabble 1.4.1 Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNbabble plugin 1.4.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) username or (2) password parameter in the spnbabble.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9338 | O2Tweet Project | Cross-Site Request Forgery (CSRF) vulnerability in O2Tweet Project O2Tweet Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tweet plugin 0.0.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) o2t_username or (2) o2t_tags parameter to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9337 | Mikiurl Wordpress Eklentisi Project | Cross-Site Request Forgery (CSRF) vulnerability in Mikiurl Wordpress Eklentisi Project Mikiurl Wordpress Eklentisi 2.0 Multiple cross-site request forgery (CSRF) vulnerabilities in the Mikiurl Wordpress Eklentisi plugin 2.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) twitter_kullanici or (2) twitter_sifre parameter in a kaydet action in the mikiurl.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9336 | Itwitter Project | Cross-Site Request Forgery (CSRF) vulnerability in Itwitter Project Itwitter 0.04 Multiple cross-site request forgery (CSRF) vulnerabilities in the iTwitter plugin 0.04 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) itex_t_twitter_username or (2) itex_t_twitter_userpass parameter in the iTwitter.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-9335 | Dandyid Services Project | Cross-Site Request Forgery (CSRF) vulnerability in Dandyid Services Project Dandyid Services 1.5.9 Multiple cross-site request forgery (CSRF) vulnerabilities in the DandyID Services plugin 1.5.9 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) email_address or (2) sidebarTitle parameter in the dandyid-services.php page to wp-admin/options-general.php. | 6.8 |
2014-12-19 | CVE-2014-7241 | Tsutaya | Improper Input Validation vulnerability in Tsutaya 5.3 The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document. | 6.8 |
2014-12-18 | CVE-2014-6077 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM products Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 6.8 |
2014-12-17 | CVE-2014-5437 | Arris | Cross-Site Request Forgery (CSRF) vulnerability in Arris Touchstone Tg862G/Ct Firmware 7.6.59S.Ct Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php, (2) add a port forwarding rule via a request to port_forwarding_add.php, (3) change the wireless network to open via a request to wireless_network_configuration_edit.php, or (4) conduct cross-site scripting (XSS) attacks via the keyword parameter to managed_sites_add_keyword.php. | 6.8 |
2014-12-16 | CVE-2014-8246 | Broadcom | Cross-Site Request Forgery (CSRF) vulnerability in Broadcom Release Automation 4.7.1 Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-12-15 | CVE-2014-9386 | Zenoss | Remote Security vulnerability in Zenoss Core Zenoss Core before 4.2.5 SP161 sets an infinite lifetime for the session ID cookie, which makes it easier for remote attackers to hijack sessions by leveraging an unattended workstation, aka ZEN-12691. | 6.8 |
2014-12-15 | CVE-2014-9385 | Zenoss | Cross-Site Request Forgery (CSRF) vulnerability in Zenoss Core Cross-site request forgery (CSRF) vulnerability in Zenoss Core through 5 Beta 3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger arbitrary code execution via a ZenPack upload, aka ZEN-15388. | 6.8 |
2014-12-15 | CVE-2014-8967 | Microsoft | Use After Free Remote Code Execution vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display property, leading to improper CElement reference counting. | 6.8 |
2014-12-15 | CVE-2014-6260 | Zenoss | Command Injection vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412. | 6.8 |
2014-12-15 | CVE-2014-6253 | Zenoss | Cross-Site Request Forgery (CSRF) vulnerability in Zenoss Core Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss Core through 5 Beta 3 allow remote attackers to hijack the authentication of arbitrary users, aka ZEN-12653. | 6.8 |
2014-12-19 | CVE-2014-9258 | Glpi Project | SQL Injection vulnerability in Glpi-Project Glpi SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter. | 6.5 |
2014-12-19 | CVE-2014-9185 | Morfy CMS Project | Code Injection vulnerability in Morfy CMS Project Morfy CMS 1.04 Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter. | 6.5 |
2014-12-18 | CVE-2014-6080 | IBM | SQL Injection vulnerability in IBM products SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2014-12-17 | CVE-2014-7285 | Symantec | Command Injection vulnerability in Symantec web Gateway The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts. | 6.5 |
2014-12-17 | CVE-2014-4844 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Business Process Manager The import/export functionality in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5 allows remote authenticated users to bypass intended access restrictions via a project action for a (1) process application or (2) toolkit. | 6.5 |
2014-12-16 | CVE-2014-8248 | Broadcom | SQL Injection vulnerability in Broadcom Release Automation 4.7.1 SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query. | 6.5 |
2014-12-16 | CVE-2014-9372 | Manageengine | Path Traversal vulnerability in Manageengine Password Manager PRO Directory traversal vulnerability in the UploadAccountActivities servlet in ManageEngine Password Manager Pro (PMP) before 7103 allows remote attackers to delete arbitrary files via a .. | 6.4 |
2014-12-15 | CVE-2014-6255 | Zenoss | Open Redirection vulnerability in Zenoss Open redirect vulnerability in the login form in Zenoss Core before 4.2.5 SP161 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the came_from parameter, aka ZEN-11998. | 6.4 |
2014-12-19 | CVE-2014-9324 | Otrs | Permissions, Privileges, and Access Controls vulnerability in Otrs Help Desk The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors. | 6.0 |
2014-12-18 | CVE-2014-8890 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraints and ServletSecurity annotations. | 5.1 |
2014-12-20 | CVE-2014-9296 | NTP | Code vulnerability in NTP The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets. | 5.0 |
2014-12-20 | CVE-2014-8019 | Cisco | Path Traversal vulnerability in Cisco Enterprise Content Delivery System Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148. | 5.0 |
2014-12-19 | CVE-2013-7401 | C Icap Project | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in C-Icap Project C-Icap The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method. | 5.0 |
2014-12-19 | CVE-2014-9408 | Ekahau | Information Exposure vulnerability in Ekahau products Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack. | 5.0 |
2014-12-19 | CVE-2014-9381 | Ettercap Project | Numeric Errors vulnerability in Ettercap-Project Ettercap 0.8.1 Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation. | 5.0 |
2014-12-19 | CVE-2014-9380 | Ettercap Project | Buffer Errors vulnerability in Ettercap-Project Ettercap 0.8.1 The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature. | 5.0 |
2014-12-19 | CVE-2014-8875 | Revive Adserver | Denial of Service vulnerability in Revive Adserver 'XML/RPC.php' XML Entity Expansion The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack. | 5.0 |
2014-12-19 | CVE-2013-4442 | Pwgen Project | Cryptographic Issues vulnerability in Pwgen Project Pwgen 2.06 Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers. | 5.0 |
2014-12-19 | CVE-2013-4440 | Pwgen Project | Credentials Management vulnerability in Pwgen Project Pwgen 2.06 Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack. | 5.0 |
2014-12-19 | CVE-2014-8272 | Dell Intel | The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. | 5.0 |
2014-12-19 | CVE-2014-8016 | Cisco | Resource Management Errors vulnerability in Cisco Ironport Email Security Appliances The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864. | 5.0 |
2014-12-18 | CVE-2014-8014 | Cisco | Data Processing Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710. | 5.0 |
2014-12-18 | CVE-2014-6164 | IBM | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL. | 5.0 |
2014-12-18 | CVE-2014-6088 | IBM | Information Exposure vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher. | 5.0 |
2014-12-18 | CVE-2014-6087 | IBM | Cryptographic Issues vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak algorithm in an SSL cipher suite. | 5.0 |
2014-12-18 | CVE-2014-6086 | IBM | Information Exposure vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not ensure that HTTPS is used, which allows remote attackers to obtain sensitive information by sniffing the network during an HTTP session. | 5.0 |
2014-12-18 | CVE-2014-6084 | IBM | Cryptographic Issues vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SSL cipher. | 5.0 |
2014-12-18 | CVE-2014-6083 | IBM | Information Exposure vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session. | 5.0 |
2014-12-18 | CVE-2014-6078 | IBM | Improper Access Control vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack. | 5.0 |
2014-12-18 | CVE-2014-8108 | Redhat Apache Apple | Remote Denial of Service vulnerability in Apache Subversion The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist. | 5.0 |
2014-12-18 | CVE-2014-3580 | Redhat Apache Debian Apple | Remote Denial of Service vulnerability in Apache Subversion The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist. | 5.0 |
2014-12-17 | CVE-2014-9388 | Mantisbt | Improper Access Control vulnerability in Mantisbt bug_report.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handler_id parameter. | 5.0 |
2014-12-17 | CVE-2014-8553 | Mantisbt | Information Exposure vulnerability in Mantisbt The mci_account_get_array_by_id function in api/soap/mc_account_api.php in MantisBT before 1.2.18 allows remote attackers to obtain sensitive information via a (1) mc_project_get_users, (2) mc_issue_get, (3) mc_filter_get_issues, or (4) mc_project_get_issues SOAP request. | 5.0 |
2014-12-17 | CVE-2014-8117 | File Project Freebsd Mageia Canonical | Resource Management Errors vulnerability in multiple products softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. | 5.0 |
2014-12-17 | CVE-2014-8116 | File Project Freebsd Mageia Canonical | Resource Management Errors vulnerability in multiple products The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. | 5.0 |
2014-12-17 | CVE-2013-7402 | C Icap Project | Denial of Service vulnerability in c-icap Server Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request. | 5.0 |
2014-12-17 | CVE-2014-7880 | HP | Remote Denial of Service vulnerability in HP TCP IP Services Openvms 5.6/5.7 Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors. | 5.0 |
2014-12-16 | CVE-2014-9323 | Firebirdsql Opensuse Debian Canonical | Null Pointer Dereference vulnerability in multiple products The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | 5.0 |
2014-12-16 | CVE-2014-8964 | Pcre Mariadb Fedoraproject Opensuse Oracle Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats. | 5.0 |
2014-12-15 | CVE-2014-9251 | Zenoss | Credentials Management vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack on hash values in the database, aka ZEN-15413. | 5.0 |
2014-12-15 | CVE-2014-9250 | Zenoss | Information Exposure vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 does not include the HTTPOnly flag in a Set-Cookie header for the authentication cookie, which makes it easier for remote attackers to obtain credential information via script access to this cookie, aka ZEN-10418. | 5.0 |
2014-12-15 | CVE-2014-9248 | Zenoss | Credentials Management vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 does not require complex passwords, which makes it easier for remote attackers to obtain access via a brute-force attack, aka ZEN-15406. | 5.0 |
2014-12-15 | CVE-2014-9245 | Zenoss | Information Exposure vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382. | 5.0 |
2014-12-15 | CVE-2014-6259 | Zenoss | Resource Management Errors vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka ZEN-15414, a similar issue to CVE-2003-1564. | 5.0 |
2014-12-15 | CVE-2014-6258 | Zenoss | Resource Management Errors vulnerability in Zenoss Core An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote attackers to cause a denial of service (CPU consumption) by triggering an arbitrary regular-expression match attempt, aka ZEN-15411. | 5.0 |
2014-12-15 | CVE-2014-6257 | Zenoss | Permissions, Privileges, and Access Controls vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 allows remote attackers to bypass intended access restrictions by using a web-endpoint URL to invoke an object helper method, aka ZEN-15407. | 5.0 |
2014-12-15 | CVE-2014-6053 | Libvncserver Canonical Debian | Data Processing Errors vulnerability in multiple products The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc. | 5.0 |
2014-12-19 | CVE-2014-6193 | IBM | Remote Security vulnerability in IBM Websphere Portal 8.0.0.0/8.0.0.1/8.5.0.0 IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack. | 4.9 |
2014-12-19 | CVE-2014-5212 | Novell | Cross-Site Scripting vulnerability in Novell Edirectory 8.7.3/8.8 Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter. | 4.3 |
2014-12-19 | CVE-2014-9135 | Huawei | Permissions, Privileges, and Access Controls vulnerability in Huawei P7-L10 Firmware V100R001C00B135 The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted package. | 4.3 |
2014-12-19 | CVE-2014-8793 | Revive Adserver | Cross-Site Scripting vulnerability in Revive-Adserver Revive Adserver Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php. | 4.3 |
2014-12-19 | CVE-2014-2716 | Ekahau | Cryptographic Issues vulnerability in Ekahau products Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts. | 4.3 |
2014-12-19 | CVE-2014-2026 | Unitedplanet | Cross-Site Scripting vulnerability in Unitedplanet Intrexx 5.2/6.0 Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter. | 4.3 |
2014-12-19 | CVE-2014-7268 | Ricksoft | Cross-Site Scripting vulnerability in Ricksoft WBS Gantt-Chart 7.8.1 Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7267. | 4.3 |
2014-12-19 | CVE-2014-8902 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Portal Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-12-19 | CVE-2014-6171 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-12-18 | CVE-2014-6174 | IBM | 7PK - Security Features vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to conduct clickjacking attacks via a crafted web site. | 4.3 |
2014-12-18 | CVE-2014-6167 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in the URL rewriting feature in IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2014-12-18 | CVE-2014-6166 | IBM | Unspecified vulnerability in IBM Websphere Application Server The Communications Enabled Applications (CEA) service in IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4, and Feature Pack for CEA 1.x before 1.0.0.15, allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 4.3 |
2014-12-18 | CVE-2014-6076 | IBM | 7PK - Security Features vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site. | 4.3 |
2014-12-17 | CVE-2014-9253 | Dokuwiki Mageia | Cross-Site Scripting vulnerability in multiple products The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php. | 4.3 |
2014-12-17 | CVE-2014-8006 | Cisco | Improper Authentication vulnerability in Cisco Isb8320-E High-Definition Ip-Only DVR The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. | 4.3 |
2014-12-16 | CVE-2014-8247 | Broadcom | Cross-Site Scripting vulnerability in Broadcom Release Automation 4.7.1 Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-12-16 | CVE-2014-6176 | IBM | Cryptographic Issues vulnerability in IBM products IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5 disregard the SSL setting in the SCA module HTTP import binding and unconditionally select the SSLv3 protocol, which makes it easier for remote attackers to hijack sessions or obtain sensitive information by leveraging the use of a weak cipher. | 4.3 |
2014-12-16 | CVE-2014-8751 | Goywp | Cross-Site Scripting vulnerability in Goywp Webpress 13.00.06 Multiple cross-site scripting (XSS) vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the (1) search_param parameter to search.php or (2) name, (3) address, or (4) comment parameter to forms.php. | 4.3 |
2014-12-16 | CVE-2014-5466 | Splunk | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-12-15 | CVE-2014-6254 | Zenoss | Cross-Site Scripting vulnerability in Zenoss Core Multiple cross-site scripting (XSS) vulnerabilities in Zenoss Core through 5 Beta 3 allow remote attackers to inject arbitrary web script or HTML via an attribute in a (1) device name, (2) device detail, (3) report name, (4) report detail, or (5) portlet name, or (6) a string to a helper method, aka ZEN-15381 and ZEN-15410. | 4.3 |
2014-12-20 | CVE-2014-8007 | Cisco | Information Exposure vulnerability in Cisco Prime Infrastructure Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the Quick Discovery options page, aka Bug ID CSCum00019. | 4.0 |
2014-12-19 | CVE-2014-5213 | Novell | Information Exposure vulnerability in Novell Edirectory 8.7.3/8.8 nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request. | 4.0 |
2014-12-19 | CVE-2014-9403 | ZNC | Denial of Service vulnerability in ZNC 'CWebAdminMod::ChanPage()' Function The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error. | 4.0 |
2014-12-19 | CVE-2014-9355 | Puppet | Information Exposure vulnerability in Puppet Enterprise Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint. | 4.0 |
2014-12-18 | CVE-2014-8901 | IBM | Resource Management Errors vulnerability in IBM DB2 IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query. | 4.0 |
2014-12-18 | CVE-2014-6089 | IBM | Data Processing Errors vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (disrupted system operations) by uploading a file to a protected area. | 4.0 |
2014-12-18 | CVE-2014-6082 | IBM | Denial-Of-Service vulnerability in IBM products IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors. | 4.0 |
2014-12-17 | CVE-2014-6182 | IBM | Path Traversal vulnerability in IBM Business Process Manager Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2014-12-15 | CVE-2014-9247 | Zenoss | Information Exposure vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 allows remote authenticated users to obtain sensitive (1) user account, (2) e-mail address, and (3) role information by visiting the ZenUsers (aka User Manager) page, aka ZEN-15389. | 4.0 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2014-12-19 | CVE-2014-7267 | Ricksoft | Cross-Site Scripting vulnerability in Ricksoft WBS Gantt-Chart 7.8.1 Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7268. | 3.5 |
2014-12-19 | CVE-2014-6173 | IBM | Cross-Site Scripting vulnerability in IBM Business Process Manager Cross-site scripting (XSS) vulnerability in the Process Inspector in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-12-19 | CVE-2014-4801 | IBM | Cross-Site Scripting vulnerability in IBM Rational Quality Manager Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-12-17 | CVE-2014-5438 | Arris | Cross-Site Scripting vulnerability in Arris Touchstone Tg862G/Ct Firmware 7.6.59S.Ct Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php. | 3.5 |
2014-12-16 | CVE-2014-5354 | MIT | NULL Pointer Dereference Remote Denial of Service vulnerability in MIT Kerberos 5 plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by creating a database entry for a keyless principal, as demonstrated by a kadmin "add_principal -nokey" or "purgekeys -all" command. | 3.5 |
2014-12-16 | CVE-2014-5353 | MIT Redhat Fedoraproject Debian Canonical Oracle Opensuse | Null Pointer Dereference vulnerability in multiple products The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via a successful LDAP query with no results, as demonstrated by using an incorrect object type for a password policy. | 3.5 |
2014-12-15 | CVE-2014-8610 | Permissions, Privileges, and Access Controls vulnerability in Google Android AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795. | 3.3 | |
2014-12-15 | CVE-2014-9252 | Zenoss | Information Exposure vulnerability in Zenoss Core Zenoss Core through 5 Beta 3 stores cleartext passwords in the session database, which might allow local users to obtain sensitive information by reading database entries, aka ZEN-15416. | 2.1 |
2014-12-17 | CVE-2014-7170 | Puppet | Race Condition vulnerability in Puppet Server 0.2.0 Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service. | 1.9 |