Weekly Vulnerabilities Reports > March 16 to 22, 2015
Overview
62 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 11 high severity vulnerabilities. This weekly summary report vulnerabilities in 57 products from 25 vendors including Apple, Cisco, IBM, Mybb, and Canonical. Vulnerabilities are notably categorized as "Resource Management Errors", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", and "Information Exposure".
- 55 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities have public exploit available.
- 19 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 49 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 17 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|
11 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-20 | CVE-2015-1804 | X Canonical Debian | Numeric Errors vulnerability in X Libxfont The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file. | 8.5 |
2015-03-20 | CVE-2015-1803 | Canonical Debian X | Local Denial of Service vulnerability in X.Org libXfont 'bitmap/bdfread.c' The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file. | 8.5 |
2015-03-20 | CVE-2015-1802 | X Canonical Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in X Libxfont The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file. | 8.5 |
2015-03-18 | CVE-2015-0132 | IBM | Resource Management Errors vulnerability in IBM products The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5 and 4.x before 4.0.7 iFix3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 7.8 |
2015-03-21 | CVE-2015-0898 | Futomi | Code Injection vulnerability in Futomi MP Form Mail CGI futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors. | 7.5 |
2015-03-20 | CVE-2015-2563 | Vastal | SQL Injection vulnerability in Vastal PHPvid 0.9.9/1.2.3 SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows remote attackers to execute arbitrary SQL commands via the order_by parameter. | 7.5 |
2015-03-20 | CVE-2015-2562 | WEB Dorado | SQL Injection vulnerability in Web-Dorado Ecommerce WD 1.2.5 Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component 1.2.5 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) search_category_id, (2) sort_order, or (3) filter_manufacturer_ids in a displayproducts action to index.php. | 7.5 |
2015-03-19 | CVE-2015-2352 | Mybb | Security vulnerability in MyBB The cache handler in MyBB (aka MyBulletinBoard) before 1.8.4 does not properly check the encoding of input to the var_export function, which allows attackers to have an unspecified impact via unknown vectors. | 7.5 |
2015-03-19 | CVE-2015-2281 | Fortinet | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fortinet Single Sign ON 4.3 Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000. | 7.5 |
2015-03-17 | CVE-2015-2314 | Wpml | SQL Injection vulnerability in Wpml SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed. | 7.5 |
2015-03-17 | CVE-2015-0662 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation, aka Bug ID CSCus79385. | 7.2 |
44 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-19 | CVE-2015-2350 | Mikrotik | Cross-Site Request Forgery (CSRF) vulnerability in Mikrotik Routeros Cross-site request forgery (CSRF) vulnerability in MikroTik RouterOS 5.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request in the status page to /cfg. | 6.8 |
2015-03-18 | CVE-2015-1083 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1082 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1081 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1080 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1079 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1078 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1077 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1076 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1075 | Apple | Resource Management Errors vulnerability in Apple Itunes and Safari WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1074 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1073 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1072 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1071 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1070 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1069 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-1068 | Apple | Resource Management Errors vulnerability in Apple products WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. | 6.8 |
2015-03-18 | CVE-2015-2296 | Mageia Project Python Canonical | The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. | 6.8 |
2015-03-18 | CVE-2015-2334 | Mybb | Cross-Site Request Forgery (CSRF) vulnerability in Mybb Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2015-03-17 | CVE-2015-2293 | Yoast | Cross-Site Request Forgery (CSRF) vulnerability in Yoast Wordpress SEO Multiple cross-site request forgery (CSRF) vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote attackers to hijack the authentication of certain users for requests that conduct SQL injection attacks via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page. | 6.8 |
2015-03-17 | CVE-2015-0665 | Cisco | Path Traversal vulnerability in Cisco Anyconnect Secure Mobility Client The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173. | 6.6 |
2015-03-17 | CVE-2015-0663 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392. | 6.6 |
2015-03-20 | CVE-2015-2564 | Projectsend | SQL Injection vulnerability in Projectsend 561 SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php. | 6.5 |
2015-03-17 | CVE-2015-2292 | Yoast | SQL Injection vulnerability in Yoast Wordpress SEO Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php. | 6.5 |
2015-03-21 | CVE-2015-0670 | Cisco | Improper Authentication vulnerability in Cisco products The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482. | 6.4 |
2015-03-21 | CVE-2015-0669 | Cisco | Improper Input Validation vulnerability in Cisco IOS 15.4(3)S/15.4S The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167. | 6.4 |
2015-03-18 | CVE-2015-0149 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM API Management The developer portal in IBM API Management 3.0 before 3.0.4.1 does not properly restrict access to the public and private APIs, which allows remote authenticated users to obtain sensitive information or modify data via unspecified API calls. | 5.5 |
2015-03-18 | CVE-2014-6129 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to delete the dashboards of arbitrary users via unspecified vectors. | 5.5 |
2015-03-20 | CVE-2015-0671 | Cisco | Resource Management Errors vulnerability in Cisco Videoscape Delivery System for Internet Streamer 3.2.1 The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.2(1) allows remote attackers to cause a denial of service (CPU consumption and network-resource consumption) via crafted packets, aka Bug ID CSCun15911. | 5.0 |
2015-03-18 | CVE-2015-0667 | Cisco | Improper Access Control vulnerability in Cisco Content Services Switch 11500 Firmware 8.20.4.02 The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855. | 5.0 |
2015-03-18 | CVE-2015-1084 | Apple | Code vulnerability in Apple Iphone OS and Safari The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL. | 5.0 |
2015-03-18 | CVE-2015-2335 | Mybb | Information Exposure vulnerability in Mybb A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to obtain the installation path via unknown vectors. | 5.0 |
2015-03-16 | CVE-2014-9687 | Ecryptfs | Credentials Management vulnerability in Ecryptfs Ecryptfs-Utils 86/99 eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack. | 5.0 |
2015-03-22 | CVE-2015-0941 | Inetc Project | Cryptographic Issues vulnerability in Inetc Project Inetc The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observation Engine (FOE) and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and possibly execute arbitrary code by sending a crafted certificate in a download session for Windows executable files. | 4.3 |
2015-03-20 | CVE-2015-0668 | Cisco | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.5/2.5.99.2 Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq66737. | 4.3 |
2015-03-19 | CVE-2015-2351 | Alkacon | Cross-site Scripting vulnerability in Alkacon Opencms 9.5.1 Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms 9.5.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) homelink parameter to system/modules/org.opencms.workplace.help/jsptemplates/help_head.jsp, (2) workplaceresource parameter to system/workplace/locales/en/help/index.html, (3) path parameter to system/workplace/views/admin/admin-main.jsp, (4) mode parameter to system/workplace/views/explorer/explorer_files.jsp, or (5) query parameter in a search action to system/modules/org.opencms.workplace.help/elements/search.jsp. | 4.3 |
2015-03-19 | CVE-2015-2349 | Superwebmailer | Cross-site Scripting vulnerability in Superwebmailer 5.60.0.01190 Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter. | 4.3 |
2015-03-18 | CVE-2015-0896 | Extplorer | Cross-site Scripting vulnerability in Extplorer Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-03-18 | CVE-2015-0664 | Cisco | Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195. | 4.3 |
2015-03-18 | CVE-2015-2333 | Mybb | Cross-site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in the MyCode editor in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-03-18 | CVE-2015-2332 | Mybb | Cross-site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-03-18 | CVE-2015-0178 | IBM | Information Exposure vulnerability in IBM Liberty The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors. | 4.3 |
2015-03-17 | CVE-2015-2315 | Wpml | Cross-site Scripting vulnerability in Wpml Cross-site scripting (XSS) vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the target parameter in a reminder_popup action to the default URI. | 4.3 |
2015-03-18 | CVE-2014-6131 | IBM | Information Exposure vulnerability in IBM products IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors. | 4.0 |
7 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-18 | CVE-2015-2149 | Mybb | Cross-site Scripting vulnerability in Mybb Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) MIME-type field in an add action in the config-attachment_types module to admin/index.php; (2) title or (3) short description field in an add action in the (a) config-mycode or (b) user-groups module to admin/index.php; (4) title field in an add action in the (c) forum-management or (d) tool-tasks module to admin/index.php; (5) name field in an add_set action in the style-templates module to admin/index.php; (6) title field in an add_template_group action in the style-templates module to admin/index.php; (7) name field in an add action in the config-post_icons module to admin/index.php; (8) "title to assign" field in an add action in the user-titles module to admin/index.php; or (9) username field in the config-banning module to admin/index.php. | 3.5 |
2015-03-18 | CVE-2015-0128 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0124. | 3.5 |
2015-03-18 | CVE-2015-0125 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2015-03-18 | CVE-2015-0124 | IBM | Cross-site Scripting vulnerability in IBM Rational Quality Manager Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0128. | 3.5 |
2015-03-18 | CVE-2015-0146 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Content Collector IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-ICC-Server-IF001 does not properly handle an unspecified query operator during searches of IBM FileNet P8 systems with IBM Content Search Services, which allows local users to bypass intended document-access restrictions and obtain sensitive information via a crafted search query. | 2.1 |
2015-03-18 | CVE-2015-2152 | XEN Fedoraproject | Permissions, Privileges, and Access Controls vulnerability in multiple products Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support. | 1.9 |
2015-03-16 | CVE-2015-1420 | Debian Linux | Race Condition vulnerability in multiple products Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. | 1.9 |