Weekly Vulnerabilities Reports > July 20 to 26, 2015

Overview

74 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 14 high severity vulnerabilities. This weekly summary report vulnerabilities in 92 products from 33 vendors including Opensuse, Google, Debian, Redhat, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Resource Management Errors".

  • 70 reported vulnerabilities are remotely exploitables.
  • 1 reported vulnerabilities have public exploit available.
  • 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 56 reported vulnerabilities are exploitable by an anonymous user.
  • Opensuse has the most reported vulnerabilities, with 24 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

5 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-07-24 CVE-2015-4262 Cisco Credentials Management vulnerability in Cisco Unified Meetingplace web Conferencing

The password-change feature in Cisco Unified MeetingPlace Web Conferencing before 8.5(5) MR3 and 8.6 before 8.6(2) does not check the session ID or require entry of the current password, which allows remote attackers to reset arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuu51839.

10.0
2015-07-20 CVE-2015-5124 Adobe
Apple
Microsoft
Opensuse
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.

10.0
2015-07-20 CVE-2015-2426 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."

9.3
2015-07-20 CVE-2014-9196 Eaton 7PK - Security Features vulnerability in Eaton Proview

Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

9.3
2015-07-24 CVE-2015-4235 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco products

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the APIC cluster-management configuration feature, aka Bug IDs CSCuu72094 and CSCuv11991.

9.0

14 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-07-21 CVE-2015-5611 FCA Remote Privilege Escalation vulnerability in FCA Uconnect 15.26.1

Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles (FCA) from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehicle movement, cause human harm or physical damage, or modify dashboard settings via vectors related to modification of entertainment-system firmware and access of the CAN bus due to insufficient "Radio security protection," as demonstrated on a 2014 Jeep Cherokee Limited FWD.

8.3
2015-07-20 CVE-2015-1935 IBM Code vulnerability in IBM DB2

The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.

8.0
2015-07-23 CVE-2015-4527 EMC Information Exposure vulnerability in EMC Avamar Server and Avamar Server Virtual Edition

Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/Laptop client interface to send crafted parameters.

7.8
2015-07-21 CVE-2015-4283 Cisco Resource Management Errors vulnerability in Cisco Videoscape Policy Resource Manager 3.5.4

Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCuu35104 and CSCuu35128.

7.8
2015-07-23 CVE-2015-1289 Google
Opensuse
Redhat
Debian
Multiple Security vulnerability in Google Chrome

Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5
2015-07-23 CVE-2015-1284 Google
Opensuse
Redhat
Improper Input Validation vulnerability in Google Chrome

The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements.

7.5
2015-07-23 CVE-2015-1280 Google
Redhat
Debian
Opensuse
Buffer Errors vulnerability in Google Chrome

SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing crafted serialized data.

7.5
2015-07-23 CVE-2015-1279 Redhat
Debian
Opensuse
Google
Numeric Errors vulnerability in multiple products

Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via large height and stride values.

7.5
2015-07-23 CVE-2015-1277 Google
Debian
Redhat
Opensuse
Multiple Security vulnerability in Google Chrome

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures.

7.5
2015-07-23 CVE-2015-1276 Google
Debian
Redhat
Opensuse
Multiple Security vulnerability in Google Chrome

Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation.

7.5
2015-07-23 CVE-2015-1272 Debian
Redhat
Opensuse
Google
Multiple Security vulnerability in Google Chrome Prior to 44.0.2403.89

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc.

7.5
2015-07-21 CVE-2015-4554 Tibco Multiple Unspecified vulnerability in Multiple TIBCO Products

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors.

7.5
2015-07-20 CVE-2015-4279 Cisco OS Command Injection vulnerability in Cisco Unified Computing System 2.2(3B)

The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778.

7.2
2015-07-24 CVE-2015-0681 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733.

7.1

48 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-07-20 CVE-2015-2418 Microsoft Race Condition vulnerability in Microsoft Malicious Software Removal Tool

Race condition in Microsoft Malicious Software Removal Tool (MSRT) before 5.26 allows local users to gain privileges via a crafted DLL, aka "MSRT Race Condition Vulnerability."

6.9
2015-07-26 CVE-2015-1872 Canonical
Ffmpeg
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data.

6.8
2015-07-26 CVE-2015-2848 Honeywell Cross-Site Request Forgery (CSRF) vulnerability in Honeywell Tuxedo Touch

Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock command.

6.8
2015-07-23 CVE-2015-1288 Google
Debian
Redhat
Opensuse
Code vulnerability in Google Chrome

The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263.

6.8
2015-07-23 CVE-2015-1283 Google
Libexpat Project
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.

6.8
2015-07-23 CVE-2015-1282 Google
Opensuse
Redhat
Debian
Multiple Security vulnerability in Google Chrome

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions.

6.8
2015-07-23 CVE-2015-1274 Debian
Opensuse
Redhat
Google
7PK - Security Features vulnerability in multiple products

Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to download_commands.cc and download_prefs.cc.

6.8
2015-07-23 CVE-2015-1273 Opensuse
Redhat
Google
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.

6.8
2015-07-23 CVE-2015-1271 Opensuse
Google
Debian
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation.

6.8
2015-07-23 CVE-2015-1270 Google
Redhat
Opensuse
Debian
Oracle
Data Processing Errors vulnerability in Google Chrome

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.

6.8
2015-07-22 CVE-2015-4281 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.5(1)

Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146.

6.8
2015-07-20 CVE-2015-4111 Blackberry Improper Input Validation vulnerability in Blackberry Link

mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file.

6.8
2015-07-20 CVE-2015-0157 IBM Improper Input Validation vulnerability in IBM DB2

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveraging an unspecified scalar function in a SQL statement.

6.8
2015-07-21 CVE-2015-2134 HP Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

6.0
2015-07-26 CVE-2015-3227 Opensuse
Rubyonrails
XML Parsing Remote Denial of Service vulnerability in Ruby on Rails activesupport

The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth.

5.0
2015-07-26 CVE-2015-3225 Rack Project
Opensuse
Debian
Data Processing Errors vulnerability in multiple products

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.

5.0
2015-07-26 CVE-2015-1840 Fedoraproject
Rubyonrails
Opensuse
Information Exposure vulnerability in multiple products

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.

5.0
2015-07-26 CVE-2015-2847 Honeywell Improper Access Control vulnerability in Honeywell Tuxedo Touch

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream.

5.0
2015-07-26 CVE-2015-4945 IBM Information Exposure vulnerability in IBM Maximo Anywhere 7.5.1.0/7.5.1.1/7.5.1.2

Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android allows attackers to bypass a passcode protection mechanism and obtain sensitive information via a crafted application.

5.0
2015-07-26 CVE-2015-2975 Research Artisan Authentication Bypass vulnerability in Research Artisan Lite

Research Artisan Lite before 1.18 does not ensure that a user has authenticated, which allows remote attackers to perform unspecified actions via unknown vectors.

5.0
2015-07-23 CVE-2015-4285 Cisco Resource Management Errors vulnerability in Cisco IOS XR

The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.

5.0
2015-07-23 CVE-2015-5605 Google
Opensuse
Code vulnerability in Google Chrome

The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.

5.0
2015-07-23 CVE-2015-1285 Redhat
Debian
Opensuse
Google
Information Exposure vulnerability in multiple products

The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack.

5.0
2015-07-22 CVE-2015-4284 Cisco Improper Input Validation vulnerability in Cisco IOS XR 5.3.0

The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.

5.0
2015-07-22 CVE-2015-4651 Wireshark
Debian
Oracle
Resource Management Errors vulnerability in multiple products

The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

5.0
2015-07-21 CVE-2015-2869 Ghisler Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ghisler Total Commander

The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive Member Header of a COFF Archive Library file, (2) a large Number Of Symbols value in the 1st Linker Member of a COFF Archive Library file, (3) a large Resource Table Count value in the LE Header of a Linear Executable file, or (4) a large value in a certain Object field in a Resource Table Entry in a Linear Executable file.

5.0
2015-07-20 CVE-2015-3183 Apache Improper Input Validation vulnerability in Apache Http Server

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.

5.0
2015-07-20 CVE-2015-0253 Apache
Apple
Oracle
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method to an installation that enables the INCLUDES filter and has an ErrorDocument 400 directive specifying a local URI.
5.0
2015-07-26 CVE-2015-3226 Rubyonrails Cross-Site Scripting vulnerability in Rubyonrails Rails and Ruby ON Rails

Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding.

4.3
2015-07-26 CVE-2015-3224 Rubyonrails Improper Access Control vulnerability in Rubyonrails web Console 2.1.2

request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request.

4.3
2015-07-25 CVE-2015-2976 Research Artisan Cross-Site Scripting vulnerability in Research-Artisan Research Artisan Lite

Multiple cross-site scripting (XSS) vulnerabilities in Research Artisan Lite before 1.18 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted HTML document or (2) a crafted URL that is mishandled during access-log analysis.

4.3
2015-07-24 CVE-2015-2973 Welcart Cross-Site Scripting vulnerability in Welcart

Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to (1) classes/usceshop.class.php, (2) includes/edit-form-advanced.php, (3) includes/edit-form-advanced30.php, (4) includes/edit-form-advanced34.php, (5) includes/member_edit_form.php, (6) includes/order_edit_form.php, (7) includes/order_list.php, or (8) includes/usces_item_master_list.php, related to admin.php.

4.3
2015-07-23 CVE-2015-1287 Opensuse
Google
Redhat
Debian
Code vulnerability in multiple products

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp.

4.3
2015-07-23 CVE-2015-1286 Debian
Opensuse
Redhat
Google
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink "Universal XSS (UXSS)."

4.3
2015-07-23 CVE-2015-1281 Opensuse
Debian
Google
Redhat
7PK - Security Features vulnerability in multiple products

core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source.

4.3
2015-07-23 CVE-2015-1278 Debian
Redhat
Google
Opensuse
7PK - Security Features vulnerability in multiple products

content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted document, as demonstrated by the alert_dialog.pdf document.

4.3
2015-07-23 CVE-2015-1275 Opensuse
Google
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a trailing alert(document.cookie);// substring, aka "Universal XSS (UXSS)."

4.3
2015-07-22 CVE-2014-0611 Novell Cross-Site Scripting vulnerability in Novell Groupwise

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2015-07-22 CVE-2015-4652 Debian
Wireshark
Improper Input Validation vulnerability in multiple products

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

4.3
2015-07-20 CVE-2015-3185 Canonical
Apache
Apple
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.

4.3
2015-07-20 CVE-2015-2863 Kaseya Open Redirection vulnerability in Kaseya Virtual System Administrator

Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.3
2015-07-21 CVE-2015-1905 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Business Process Manager

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions on task-variable value changes via unspecified vectors.

4.0
2015-07-21 CVE-2015-5610 Solarwinds Information Exposure vulnerability in Solarwinds N-Able N-Central

The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-administrator password by locating the encrypted password within HTML source code and then leveraging knowledge of this key from another installation.

4.0
2015-07-20 CVE-2015-2862 Kaseya Path Traversal vulnerability in Kaseya Virtual System Administrator

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.

4.0
2015-07-20 CVE-2015-1984 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by discovering usernames for use in brute-force attacks.

4.0
2015-07-20 CVE-2015-1982 IBM Information Exposure vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to obtain sensitive information via a crafted request, which reveals the full path in an error message.

4.0
2015-07-20 CVE-2015-1883 IBM Information Exposure vulnerability in IBM DB2

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.

4.0
2015-07-20 CVE-2014-8910 IBM Injection vulnerability in IBM DB2

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT function in a SELECT statement.

4.0

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2015-07-21 CVE-2015-1906 IBM Cross-Site Scripting vulnerability in IBM Business Process Manager

Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2015-07-20 CVE-2015-1980 IBM Improper Input Validation vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.

3.5
2015-07-20 CVE-2015-1979 IBM Cross-Site Scripting vulnerability in IBM Case Manager 5.2.1/5.2.1.1

Multiple cross-site scripting (XSS) vulnerabilities in the Error dialog in IBM Case Manager 5.2.1 before 5.2.1.2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input to the (1) addressability or (2) comments component.

3.5
2015-07-20 CVE-2015-1968 IBM Cross-Site Scripting vulnerability in IBM Infosphere Master Data Management

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2015-07-20 CVE-2015-1922 IBM Improper Access Control vulnerability in IBM DB2

The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.

3.5
2015-07-20 CVE-2015-0130 IBM Cross-Site Scripting vulnerability in IBM products

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5
2015-07-22 CVE-2015-5464 Gemalto Improper Access Control vulnerability in Gemalto products

The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.

1.3