Weekly Vulnerabilities Reports > May 18 to 24, 2015

Overview

70 new vulnerabilities reported during this period, including 12 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 88 products from 42 vendors including Google, Debian, IBM, Cisco, and Docker. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-Site Request Forgery (CSRF)", "Permissions, Privileges, and Access Controls", and "Improper Access Control".

  • 60 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 62 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 17 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

12 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-21 CVE-2015-3036 Kcodes Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Kcodes Netusb

Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005.

10.0
2015-05-20 CVE-2015-1903 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Domino

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.

10.0
2015-05-20 CVE-2015-1902 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Domino

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.

10.0
2015-05-20 CVE-2015-1920 IBM Improper Access Control vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session.

10.0
2015-05-19 CVE-2015-3408 Module Signature Project
Canonical
Command Injection vulnerability in multiple products

Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.

10.0
2015-05-19 CVE-2015-1845 Unzoo Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Unzoo

Buffer overflow in the EntrReadArch function in unzoo might allow remote attackers to execute arbitrary code via unspecified vectors.

10.0
2015-05-18 CVE-2015-3306 Proftpd Improper Access Control vulnerability in Proftpd 1.3.5

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.

10.0
2015-05-18 CVE-2015-0278 Fedoraproject
Libuv Project
Permissions, Privileges, and Access Controls vulnerability in multiple products

libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.

10.0
2015-05-18 CVE-2014-8383 Infocus Authentication Bypass vulnerability in Infocus In3128Hd Firmware 0.26

The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.

10.0
2015-05-18 CVE-2014-8384 Infocus Authentication Bypass vulnerability in Infocus In3128Hd Firmware 0.26

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.

9.4
2015-05-21 CVE-2015-3911 Huawei Improper Access Control vulnerability in Huawei E587 Mobile Wifi Firmware

Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via unspecified vectors.

9.0
2015-05-20 CVE-2015-3990 Sonicwall Data Processing Errors vulnerability in Sonicwall products

The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.

9.0

19 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-19 CVE-2015-1846 Unzoo Resource Management Errors vulnerability in Unzoo

unzoo allows remote attackers to cause a denial of service (infinite loop and resource consumption) via unspecified vectors to the (1) ExtrArch or (2) ListArch function, related to pointer handling.

7.8
2015-05-18 CVE-2015-1868 Powerdns
Fedoraproject
Resource Management Errors vulnerability in multiple products

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.

7.8
2015-05-20 CVE-2015-1188 Swisscom Unspecified vulnerability in Swisscom Centro Grande Firmware 6.12.02

The certificate verification functions in the HNDS service in Swisscom Centro Grande (ADB) DSL routers with firmware before 6.14.00 allows remote attackers to access the management functions via unknown vectors.

7.5
2015-05-20 CVE-2012-1665 Oscmax SQL Injection vulnerability in Oscmax 2.5.0

Multiple SQL injection vulnerabilities in the admin panel in osCMax before 2.5.1 allow (1) remote attackers to execute arbitrary SQL commands via the username parameter in a process action to admin/login.php or (2) remote administrators to execute arbitrary SQL commands via the status parameter to admin/stats_monthly_sales.php or (3) country parameter in a process action to admin/create_account_process.php.

7.5
2015-05-20 CVE-2015-3910 Google Security vulnerability in Google V8 Prior to 4.3.61.21

Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2015-05-20 CVE-2015-1265 Debian
Google
Security vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2015-05-20 CVE-2015-1262 Google
Debian
Code vulnerability in Google Chrome

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text.

7.5
2015-05-20 CVE-2015-1260 Debian
Google
Multiple Security vulnerability in Google Chrome Prior to 43.0.2357.65

Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request.

7.5
2015-05-20 CVE-2015-1259 Debian
Google
Code vulnerability in multiple products

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5
2015-05-20 CVE-2015-1258 Debian
Google
Numeric Errors vulnerability in multiple products

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

7.5
2015-05-20 CVE-2015-1257 Debian
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause a denial of service (container overflow) or possibly have unspecified other impact via a crafted document.

7.5
2015-05-20 CVE-2015-1256 Debian
Google
Multiple Security vulnerability in Google Chrome Prior to 43.0.2357.65

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shadow tree for a use element.

7.5
2015-05-20 CVE-2015-1253 Debian
Google
Improper Access Control vulnerability in multiple products

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.

7.5
2015-05-20 CVE-2015-1252 Google
Debian
Buffer Errors vulnerability in Google Chrome

common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger a write operation with a large amount of data, related to the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrite functions.

7.5
2015-05-19 CVE-2015-3409 Module Signature Project
Canonical
Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
7.2
2015-05-18 CVE-2015-3630 Docker Permissions, Privileges, and Access Controls vulnerability in Docker

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

7.2
2015-05-18 CVE-2015-3629 Docker Link Following vulnerability in Docker Libcontainer 1.6.0

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

7.2
2015-05-18 CVE-2015-3627 Docker Link Following vulnerability in Docker and Libcontainer

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

7.2
2015-05-18 CVE-2015-2667 Gns3 Search Path Local Privilege Escalation vulnerability in Gns3 1.2.3

Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory.

7.2

32 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-21 CVE-2012-1978 Simple PHP Agenda Project Cross-Site Request Forgery (CSRF) vulnerability in Simple PHP Agenda Project Simple PHP Agenda 2.2.8

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an administrator via a request to auth/admin/adminprocess.php, (3) add an event via a request to engine/new_event.php, or (4) delete an event via a request to phpagenda/.

6.8
2015-05-21 CVE-2015-0741 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Solution

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.

6.8
2015-05-20 CVE-2015-3141 Synametrics Cross-Site Request Forgery (CSRF) vulnerability in Synametrics Xeams 4.4

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies Xeams 4.5 Build 5755 and earlier allow remote attackers to hijack the authentication of administrators for requests that create an (1) SMTP domain or a (2) user via a request to /FrontController; or conduct cross-site scripting (XSS) attacks via the (3) domainname parameter to /FrontController, when creating a new SMTP domain configuration; the (4) txtRecipient parameter to /FrontController, when creating a new forwarder; the (5) popFetchServer, (6) popFetchUser, or (7) popFetchRecipient parameter to /FrontController, when creating a new POP3 Fetcher account; or the (8) Smtp HELO domain in the Advanced Server Configuration.

6.8
2015-05-20 CVE-2012-4902 Template CMS Project Cross-Site Request Forgery (CSRF) vulnerability in Template CMS Project Template CMS

Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduct static PHP code injection attacks via the themes_editor parameter in an edit_template action to admin/index.php.

6.8
2015-05-20 CVE-2012-6691 Oscmax Cross-Site Request Forgery (CSRF) vulnerability in Oscmax 2.5.0

Multiple cross-site request forgery (CSRF) vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) status parameter to admin/stats_monthly_sales.php or (2) country parameter in a process action to admin/create_account_process.php.

6.8
2015-05-20 CVE-2015-1255 Google
Debian
Multiple Security vulnerability in Google Chrome

Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging improper handling of a stop action for an audio track.

6.8
2015-05-20 CVE-2015-1251 Google
Debian
Multiple Security vulnerability in Google Chrome

Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.

6.8
2015-05-20 CVE-2015-0740 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1)

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826.

6.8
2015-05-23 CVE-2015-0750 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Hosted Collaboration Solution

The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786.

6.5
2015-05-22 CVE-2015-0916 Cacti SQL Injection vulnerability in Cacti

SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035.

6.5
2015-05-21 CVE-2015-4018 Feedwordpress Project SQL Injection vulnerability in Feedwordpress Project Feedwordpress 2014.0805

SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the link_ids[] parameter in an Update action in the syndication.php page to wp-admin/admin.php.

6.5
2015-05-20 CVE-2014-8924 IBM XML External Entity Information Disclosure vulnerability in IBM products

The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discovery for Distributed 7.2.2 before IF15 and 7.5 before IF24 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

6.4
2015-05-22 CVE-2015-0746 Cisco 7PK - Security Features vulnerability in Cisco Secure Access Control Server 5.5(0.46.2)

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

5.0
2015-05-21 CVE-2015-3912 Huawei Information Exposure vulnerability in Huawei E355S Mobile Wifi Firmware and Webui

Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sending unspecified commands.

5.0
2015-05-21 CVE-2015-0742 Cisco Resource Management Errors vulnerability in Cisco Adaptive Security Appliance Software

The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.

5.0
2015-05-20 CVE-2015-4016 Valve Code vulnerability in Valve Steam

The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (process crash) via a crafted response to a broadcast packet.

5.0
2015-05-20 CVE-2015-1261 Debian
Google
Improper Input Validation vulnerability in multiple products

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading popup content via crafted text.

5.0
2015-05-20 CVE-2015-1254 Debian
Google
Permissions, Privileges, and Access Controls vulnerability in multiple products

core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.

5.0
2015-05-19 CVE-2015-3407 Canonical
Module Signature Project
Improper Access Control vulnerability in multiple products

Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.

5.0
2015-05-18 CVE-2015-2704 Realmd Project Injection vulnerability in Realmd Project Realmd 15.2

realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.

5.0
2015-05-22 CVE-2015-0915 Rakus Cross-Site Scripting vulnerability in Rakus Maildealer

Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted attachment filename.

4.3
2015-05-21 CVE-2015-3647 Wppa Opajaap Cross-Site Scripting vulnerability in Wppa.Opajaap Wp-Photo-Album-Plus 6.1.2

Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin before 6.1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) comemail or (2) comname parameter in a wppa do-comment action.

4.3
2015-05-21 CVE-2015-4000 Openssl
Canonical
HP
IBM
Oracle
Debian
Suse
Apple
Mozilla
Microsoft
Google
Opera
Cryptographic Issues vulnerability in multiple products

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

4.3
2015-05-20 CVE-2012-4901 Template CMS Project Cross-Site Scripting vulnerability in Template CMS Project Template CMS

Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to admin/index.php.

4.3
2015-05-20 CVE-2012-3243 Seogento Cross-Site Scripting vulnerability in Seogento

Cross-site scripting (XSS) vulnerability in the SEOgento plugin for Magento allows remote attackers to inject arbitrary web script or HTML via the id parameter.

4.3
2015-05-20 CVE-2012-1664 Oscmax Cross-Site Scripting vulnerability in Oscmax 2.5.0

Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in a process action to admin/login.php; (2) pageTitle, (3) current_product_id, or (4) cPath parameter to admin/new_attributes_include.php; (5) sb_id, (6) sb_key, (7) gc_id, (8) gc_key, or (9) path parameter to admin/htaccess.php; (10) title parameter to admin/information_form.php; (11) search parameter to admin/xsell.php; (12) gross or (13) max parameter to admin/stats_products_purchased.php; (14) status parameter to admin/stats_monthly_sales.php; (15) sorted parameter to admin/stats_customers.php; (16) information_id parameter to /admin/information_manager.php; or (17) zID parameter to /admin/geo_zones.php.

4.3
2015-05-20 CVE-2015-1264 Google
Debian
Cross-Site Scripting vulnerability in Google Chrome

Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature.

4.3
2015-05-20 CVE-2015-1263 Google
Debian
Code vulnerability in Google Chrome

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file.

4.3
2015-05-19 CVE-2015-3885 Dcraw Project
Fedoraproject
Numeric Errors vulnerability in multiple products

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.

4.3
2015-05-20 CVE-2015-0189 IBM Resource Management Errors vulnerability in IBM Websphere MQ

The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allows remote authenticated administrators to cause a denial of service (memory overwrite and daemon outage) by triggering multiple transmit-queue records.

4.0
2015-05-19 CVE-2015-0739 Cisco Improper Input Validation vulnerability in Cisco Firesight System Software 5.3.0

The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka Bug ID CSCus87938.

4.0
2015-05-18 CVE-2015-2346 Huawei Unspecified vulnerability in Huawei SEQ Analyst

XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter.

4.0

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-05-19 CVE-2015-0267 Redhat Insecure Temporary File Creation vulnerability in kexec-tools

The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.

3.6
2015-05-18 CVE-2015-3631 Docker Permissions, Privileges, and Access Controls vulnerability in Docker

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.

3.6
2015-05-19 CVE-2015-3988 Openstack
Oracle
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.

3.5
2015-05-18 CVE-2015-3455 Oracle
Squid Cache
Fedoraproject
Improper Input Validation vulnerability in multiple products

Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.

2.6
2015-05-20 CVE-2015-3999 Piriform Information Exposure vulnerability in Piriform Ccleaner

Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.

2.1
2015-05-20 CVE-2014-4776 IBM Information Exposure vulnerability in IBM License Metric Tool 9.0/9.0.1/9.1.0.1

IBM License Metric Tool 9 before 9.1.0.2 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

2.1
2015-05-20 CVE-2014-6211 IBM Information Exposure vulnerability in IBM Websphere Commerce

The command-line scripts in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 through 7.0.0.9, and 7.0 Feature Pack 2 through 8, when debugging is configured, do not properly restrict the logging of personal data, which allows local users to obtain sensitive information by reading a log file.

2.1