Weekly Vulnerabilities Reports > March 23 to 29, 2015
Overview
97 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 115 products from 38 vendors including Cisco, Websense, IBM, Fedoraproject, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Information Exposure", "Resource Management Errors", and "Cross-Site Request Forgery (CSRF)".
- 83 reported vulnerabilities are remotely exploitables.
- 8 reported vulnerabilities have public exploit available.
- 24 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 86 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 21 reported vulnerabilities.
- Websense has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
7 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-29 | CVE-2015-2786 | Mybb | Security Bypass vulnerability in MyBB Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders." | 10.0 |
2015-03-29 | CVE-2014-5428 | Johnsoncontrols | Unspecified vulnerability in Johnsoncontrols Metsys 4.1/6.5 Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to execute arbitrary code by uploading a shell script. | 10.0 |
2015-03-27 | CVE-2015-2767 | Websense | Security vulnerability in Websense TRITON AP-EMAIL Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled." | 10.0 |
2015-03-27 | CVE-2015-2763 | Websense | Security vulnerability in Websense TRITON AP-EMAIL Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to port 17703. | 10.0 |
2015-03-24 | CVE-2015-2284 | Solarwinds | Permissions, Privileges, and Access Controls vulnerability in Solarwinds Firewall Security Manager 6.6.5 userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling. | 10.0 |
2015-03-24 | CVE-2015-0198 | IBM | Improper Authentication vulnerability in IBM General Parallel File System 3.4/3.5/4.1 IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors. | 10.0 |
2015-03-26 | CVE-2015-0635 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191. | 9.0 |
29 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-28 | CVE-2015-0658 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. | 7.9 |
2015-03-26 | CVE-2015-0650 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579. | 7.8 |
2015-03-26 | CVE-2015-0649 | Cisco | Improper Input Validation vulnerability in Cisco IOS Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514. | 7.8 |
2015-03-26 | CVE-2015-0648 | Cisco | Resource Management Errors vulnerability in Cisco IOS Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658. | 7.8 |
2015-03-26 | CVE-2015-0647 | Cisco | Improper Input Validation vulnerability in Cisco IOS Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371. | 7.8 |
2015-03-26 | CVE-2015-0646 | Cisco | Resource Management Errors vulnerability in Cisco IOS and IOS XE Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted TCP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum94811. | 7.8 |
2015-03-26 | CVE-2015-0645 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuq59131. | 7.8 |
2015-03-26 | CVE-2015-0644 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622. | 7.8 |
2015-03-26 | CVE-2015-0643 | Cisco | Resource Management Errors vulnerability in Cisco IOS and IOS XE Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuo75572. | 7.8 |
2015-03-26 | CVE-2015-0642 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951. | 7.8 |
2015-03-26 | CVE-2015-0641 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via crafted IPv6 packets, aka Bug ID CSCub68073. | 7.8 |
2015-03-26 | CVE-2015-0640 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. | 7.8 |
2015-03-26 | CVE-2015-0639 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets with IPv4 UDP encapsulation, aka Bug ID CSCua79665. | 7.8 |
2015-03-26 | CVE-2015-0637 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. | 7.8 |
2015-03-26 | CVE-2015-0636 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293. | 7.8 |
2015-03-29 | CVE-2015-2785 | Gnome | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gnome Byzanz The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command. | 7.5 |
2015-03-29 | CVE-2013-7438 | Pbm212030 Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pbm212030 Project Pbm212030 Multiple buffer overflows in pbm212030 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PBM image, related to (1) stream line data, which triggers a heap-based buffer overflow, or (2) vectors related to an "internal intermediate heap-based buffer." | 7.5 |
2015-03-29 | CVE-2014-9205 | Microsys | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsys Promotic Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data. | 7.5 |
2015-03-27 | CVE-2015-2772 | Websense | Arbitrary File Upload vulnerability in Websense TRITON V-Series SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors. | 7.5 |
2015-03-27 | CVE-2013-2184 | Sixapart | Code vulnerability in Sixapart Movable Type Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter. | 7.5 |
2015-03-26 | CVE-2015-2683 | Citrix | Permissions, Privileges, and Access Controls vulnerability in Citrix Command Center 5.1/5.2 Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions (JMX) Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmx_dynamic. | 7.5 |
2015-03-24 | CVE-2015-2265 | Canonical Linuxfoundation | Command Injection vulnerability in multiple products The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. | 7.5 |
2015-03-24 | CVE-2015-2155 | Debian Fedoraproject Opensuse Oracle Tcpdump | Denial of Service vulnerability in tcpdump The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 7.5 |
2015-03-24 | CVE-2015-0261 | Tcpdump | Numeric Errors vulnerability in Tcpdump Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. | 7.5 |
2015-03-23 | CVE-2015-2679 | Genixcms | SQL Injection vulnerability in Genixcms 0.0.1 Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php. | 7.5 |
2015-03-29 | CVE-2015-0528 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Isilon Onefs The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files. | 7.2 |
2015-03-24 | CVE-2015-1388 | Arubanetworks | OS Command Injection vulnerability in Arubanetworks Arubaos The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors. | 7.2 |
2015-03-24 | CVE-2015-0197 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM General Parallel File System 3.4/3.5/4.1 IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors. | 7.2 |
2015-03-26 | CVE-2015-0638 | Cisco | Improper Input Validation vulnerability in Cisco IOS Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145. | 7.1 |
48 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-27 | CVE-2015-2770 | Websense | Cross-Site Request Forgery (CSRF) vulnerability in Websense V-Series Appliances Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2015-03-27 | CVE-2015-2769 | Websense | Cross-Site Request Forgery (CSRF) vulnerability in Websense Triton AP Email Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2015-03-27 | CVE-2015-2759 | Mcafee | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Data Loss Prevention Endpoint Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors. | 6.8 |
2015-03-26 | CVE-2015-0279 | Redhat | Code Injection vulnerability in Redhat Richfaces JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter. | 6.8 |
2015-03-25 | CVE-2015-2701 | CS Cart | Cross-Site Request Forgery (CSRF) vulnerability in Cs-Cart 4.2.4 Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/. | 6.8 |
2015-03-25 | CVE-2014-8925 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Rational Clearquest Cross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout or insert XSS sequences. | 6.8 |
2015-03-23 | CVE-2015-2680 | Metalgenix | Cross-Site Request Forgery (CSRF) vulnerability in Metalgenix Genixcms 0.0.1 Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php. | 6.8 |
2015-03-23 | CVE-2015-2676 | Asus | Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-G32 Firmware 2.0.2.6/2.0.3.2 Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm. | 6.8 |
2015-03-27 | CVE-2015-2758 | Mcafee | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL. | 6.5 |
2015-03-26 | CVE-2015-2746 | Websense | Command Injection vulnerability in Websense Triton and V-Series Appliances The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command, as demonstrated by the Destination parameter in the ping command. | 6.5 |
2015-03-24 | CVE-2015-0250 | Canonical Apache Redhat | XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. | 6.4 |
2015-03-28 | CVE-2015-0679 | Cisco | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 7.3(103.8)/7.4(110.0) The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980. | 6.1 |
2015-03-29 | CVE-2015-0997 | Aveva Schneider Electric | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. | 5.0 |
2015-03-29 | CVE-2014-5427 | Johnsoncontrols | Information Exposure vulnerability in Johnsoncontrols Metsys 4.1/6.5 Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read password hashes via a POST request. | 5.0 |
2015-03-27 | CVE-2015-2773 | Websense | Arbitrary File Read vulnerability in Websense TRITON V-Series SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors. | 5.0 |
2015-03-27 | CVE-2015-2771 | Websense | Information Exposure vulnerability in Websense Triton AP Email and V-Series Appliances The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2015-03-27 | CVE-2015-2766 | Websense | Credentials Management vulnerability in Websense Triton AP Email The Personal Email Manager (PEM) in Websense TRITON AP-EMAIL before 8.0.0 allows attackers to have unspecified impact via a brute force attack. | 5.0 |
2015-03-27 | CVE-2015-2762 | Websense | Information Exposure vulnerability in Websense Triton AP web Websense TRITON AP-WEB before 8.0.0 allows remote attackers to enumerate Windows domain user accounts via vectors related to HTTP authentication. | 5.0 |
2015-03-26 | CVE-2015-2748 | Websense | Information Exposure vulnerability in Websense products Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file. | 5.0 |
2015-03-26 | CVE-2015-2682 | Citrix | Code vulnerability in Citrix Command Center 5.1/5.2 Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml. | 5.0 |
2015-03-26 | CVE-2015-0672 | Cisco | Resource Management Errors vulnerability in Cisco IOS XR 5.2.2 The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822. | 5.0 |
2015-03-25 | CVE-2015-2316 | Oracle Djangoproject Canonical Fedoraproject Opensuse | Resource Management Errors vulnerability in multiple products The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string. | 5.0 |
2015-03-25 | CVE-2015-0295 | Fedoraproject Opensuse Digia | Numeric Errors vulnerability in multiple products The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file. | 5.0 |
2015-03-24 | CVE-2015-2154 | Tcpdump | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. | 5.0 |
2015-03-24 | CVE-2015-2153 | Tcpdump | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tcpdump The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). | 5.0 |
2015-03-24 | CVE-2015-0282 | GNU | Cryptographic Issues vulnerability in GNU Gnutls GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. | 5.0 |
2015-03-23 | CVE-2014-9261 | Codologic | Path Traversal vulnerability in Codologic Codoforum 2.5.1 The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. | 5.0 |
2015-03-24 | CVE-2015-0199 | IBM | Resource Management Errors vulnerability in IBM General Parallel File System 3.4/3.5/4.1 The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls. | 4.9 |
2015-03-27 | CVE-2015-2768 | Websense | Cross-site Scripting vulnerability in Websense Triton AP Email and V-Series Appliances Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-03-27 | CVE-2015-2765 | Websense | Improper Input Validation vulnerability in Websense Triton AP Email The Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2015-03-27 | CVE-2015-2764 | Websense | Cross-site Scripting vulnerability in Websense Triton AP Data Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-DATA before 8.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the DSS (1) Mobile or (2) DLP report catalog. | 4.3 |
2015-03-27 | CVE-2015-2761 | Websense | Cross-site Scripting vulnerability in Websense Triton AP web Cross-site scripting (XSS) vulnerability in the Exceptions and Scanning Exceptions Pages in Websense TRITON AP-WEB before 8.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-03-26 | CVE-2015-2747 | Websense | Cross-site Scripting vulnerability in Websense Triton and V-Series Appliances Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted (1) email or (2) HTTP request, which triggers a DLP Policy. | 4.3 |
2015-03-25 | CVE-2015-2703 | Websense | Cross-site Scripting vulnerability in Websense Triton AP web and V-Series Appliances Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2) admin_msg parameter to configure/ssl_ui/eva-config/client-cert-import_wsoem.html in the Content Gateway, which is not properly handled in an error message. | 4.3 |
2015-03-25 | CVE-2015-2702 | Websense | Cross-site Scripting vulnerability in Websense products Cross-site scripting (XSS) vulnerability in the Message Log in the Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via the sender address in an email. | 4.3 |
2015-03-25 | CVE-2015-2317 | Debian Fedoraproject Opensuse Djangoproject Oracle Canonical | Cross-site Scripting vulnerability in multiple products The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL. | 4.3 |
2015-03-25 | CVE-2014-9711 | Websense | Cross-site Scripting vulnerability in Websense products Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary web script or HTML via the (1) ReportName (Job Name) parameter to the Explorer report scheduler (cgi-bin/WsCgiExplorerSchedule.exe) in the Job Queue or the col parameter to the (2) Names or (3) Anonymous (explorer_wse/explorer_anon.exe) summary report page. | 4.3 |
2015-03-25 | CVE-2015-0138 | IBM | Cryptographic Issues vulnerability in IBM Tivoli Directory Server GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. | 4.3 |
2015-03-24 | CVE-2015-0158 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager Cross-site scripting (XSS) vulnerability in the Coach NG framework in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2015-03-24 | CVE-2015-0137 | IBM | Improper Input Validation vulnerability in IBM Powervc IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console (HMC) certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate. | 4.3 |
2015-03-24 | CVE-2015-0106 | IBM | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2015-03-24 | CVE-2015-0105 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
2015-03-23 | CVE-2015-2681 | Asus | Cross-site Scripting vulnerability in Asus Rt-G32 Firmware 2.0.2.6/2.0.3.2 Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm. | 4.3 |
2015-03-23 | CVE-2015-2678 | Genixcms | Cross-site Scripting vulnerability in Genixcms 0.0.1 Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php. | 4.3 |
2015-03-28 | CVE-2015-0680 | Cisco | Information Exposure vulnerability in Cisco Unified Callmanager 9.1(2.1000.28) Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439. | 4.0 |
2015-03-27 | CVE-2015-2757 | Mcafee | Resource Management Errors vulnerability in Mcafee Data Loss Prevention Endpoint The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors. | 4.0 |
2015-03-27 | CVE-2014-9712 | Websense | Information Exposure vulnerability in Websense V-Series Appliances Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path. | 4.0 |
2015-03-26 | CVE-2015-0673 | Cisco | Information Exposure vulnerability in Cisco Mobility Services Engine 8.0(110.0) Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the passwords of arbitrary users by (1) reading log files or (2) using an unspecified GUI feature, aka Bug ID CSCut24792. | 4.0 |
13 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-03-27 | CVE-2015-2760 | Mcafee | Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-03-25 | CVE-2015-2559 | Debian Drupal | Improper Access Control vulnerability in multiple products Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL. | 3.5 |
2015-03-24 | CVE-2015-0103 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields. | 3.5 |
2015-03-23 | CVE-2015-2677 | Ocportal | Cross-site Scripting vulnerability in Ocportal Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the (1) title or (2) text field in the cms_calendar page to cms/index.php; unspecified fields in (3) the cms_polls page to cms/index.php or (4) a new topic in the topics page to forum/index.php; or (5) a new PT (private topic/private message) in the topics page to forum/index.php. | 3.5 |
2015-03-23 | CVE-2015-2289 | S9Y | Cross-site Scripting vulnerability in S9Y Serendipity Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entries.tpl in Serendipity before 2.0.1 allows remote authenticated editors to inject arbitrary web script or HTML via the serendipity[cat][name] parameter to serendipity_admin.php, when creating a new category. | 3.5 |
2015-03-29 | CVE-2015-0998 | Aveva Schneider Electric | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | 3.3 |
2015-03-29 | CVE-2015-0999 | Aveva Schneider Electric | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. | 2.1 |
2015-03-29 | CVE-2015-0996 | Aveva Schneider Electric | Information Exposure vulnerability in multiple products Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password. | 2.1 |
2015-03-27 | CVE-2015-2157 | Debian Fedoraproject Opensuse Putty Simon Tatham | Information Exposure vulnerability in multiple products The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory. | 2.1 |
2015-03-24 | CVE-2015-0527 | EMC | Information Exposure vulnerability in EMC Documentum Xcelerated Management System 1.1 EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file. | 2.1 |
2015-03-24 | CVE-2015-0136 | IBM | Information Exposure vulnerability in IBM Powervc powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an access token on the command line during IVM and PowerKVM management, which allows local users to obtain sensitive information by listing the process. | 2.1 |
2015-03-25 | CVE-2014-8923 | IBM | Information Exposure vulnerability in IBM products The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter before 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file. | 1.9 |
2015-03-25 | CVE-2014-6134 | IBM | Information Exposure vulnerability in IBM Installation Manager and Rational Clearcase IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account. | 1.2 |