Weekly Vulnerabilities Reports > August 3 to 9, 2015
Overview
63 new vulnerabilities reported during this period, including 33 critical vulnerabilities and 7 high severity vulnerabilities. This weekly summary report vulnerabilities in 70 products from 19 vendors including Gehealthcare, IBM, Mozilla, Debian, and Wordpress. Vulnerabilities are notably categorized as "Credentials Management", "Cross-site Scripting", "Resource Management Errors", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 54 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 11 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 60 reported vulnerabilities are exploitable by an anonymous user.
- Gehealthcare has the most reported vulnerabilities, with 26 reported vulnerabilities.
- Gehealthcare has the most reported critical vulnerabilities, with 26 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
33 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-08 | CVE-2015-2897 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Aleos Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session. | 10.0 |
2015-08-04 | CVE-2014-9736 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Clinical Archive Audit Trail Repository GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2014-7233 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Precision Thunis-800+ GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2014-7232 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Discovery Xr656 and Discovery Xr656 G2 GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2013-7442 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Pacs Workstation 4.0/4.0.1 GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. | 10.0 |
2015-08-04 | CVE-2013-7405 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity DMS 4.2 The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2013-7404 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Discovery NM 750B GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2012-6695 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Pacs Workstation 4.0/4.0.1 GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2012-6694 | Gehealthcare | Credentials Management vulnerability in Gehealthcare products GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. | 10.0 |
2015-08-04 | CVE-2012-6693 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Pacs Server 4.0 GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2012-6660 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Precision MPI GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2011-5324 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Pacs-Iw 3.7.3.7/3.7.3.8 The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2011-5323 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Pacs-Iw 3.7.3.7/3.7.3.8 GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11enda1e for the sa SQL server user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2011-5322 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Analytics Server 1.1 GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in the Webmin interface, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2010-5310 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Revolution Xq/I The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2010-5309 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Cadstream Server Firmware GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2010-5308 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Optima Mr360 Firmware GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. | 10.0 |
2015-08-04 | CVE-2010-5307 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Optima Mr360 Firmware The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2010-5306 | Gehealthcare | Credentials Management vulnerability in Gehealthcare products GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2009-5143 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Discovery 530C Firmware GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2007-6757 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity DMS Firmware 4.0/4.1/4.2 GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2006-7253 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Infinia II GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 for the acqservice user, (3) dont4get2 for the Administrator user, (4) #bigguy1 for the emergency user, and (5) 2Bfamous for the InfiniaAdmin user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2004-2777 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Centricity Image Vault Firmware GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2003-1603 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Discovery VH GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2002-2446 | Gehealthcare | Credentials Management vulnerability in Gehealthcare products GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2002-2445 | Gehealthcare | Denial-Of-Service vulnerability in Gehealthcare Millennium MG, Millennium Myosight and Millennium NC GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdown user, which has unspecified impact and attack vectors. | 10.0 |
2015-08-04 | CVE-2001-1594 | Gehealthcare | Credentials Management vulnerability in Gehealthcare Entegra P&R GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. | 10.0 |
2015-08-03 | CVE-2015-4935 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4934. | 10.0 |
2015-08-03 | CVE-2015-4934 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4935. | 10.0 |
2015-08-03 | CVE-2015-4933 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4934, and CVE-2015-4935. | 10.0 |
2015-08-03 | CVE-2015-4932 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935. | 10.0 |
2015-08-03 | CVE-2015-4931 | IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4932, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935. | 10.0 |
2015-08-07 | CVE-2015-4674 | Timedoctor | Insufficient Verification of Data Authenticity vulnerability in Timedoctor 1.4.72.3 The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. | 9.3 |
7 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-08 | CVE-2015-4495 | Mozilla Oracle Canonical Redhat Suse Opensuse | The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. | 8.8 |
2015-08-03 | CVE-2015-1987 | IBM | Resource Management Errors vulnerability in IBM Websphere MQ Light 1.0/1.0.0.1 IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1958. | 7.8 |
2015-08-03 | CVE-2015-1958 | IBM | Resource Management Errors vulnerability in IBM Websphere MQ Light 1.0/1.0.0.1 IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1987. | 7.8 |
2015-08-03 | CVE-2015-1956 | IBM | Resource Management Errors vulnerability in IBM Websphere MQ Light 1.0/1.0.0.1 IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1958 and CVE-2015-1987. | 7.8 |
2015-08-03 | CVE-2015-1955 | IBM | Resource Management Errors vulnerability in IBM Websphere MQ Light 1.0/1.0.0.1 IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a crafted byte sequence in authentication data. | 7.8 |
2015-08-08 | CVE-2015-1805 | Google Linux | Code vulnerability in multiple products The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." | 7.2 |
2015-08-04 | CVE-2015-3959 | Garrettcom | Local Security Bypass vulnerability in GarrettCom Magnum 6K and 10K Switches Hardcoded Credentials The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password. | 7.2 |
17 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-04 | CVE-2015-3940 | Schneider Electric | Path Traversal vulnerability in Schneider-Electric Wonderware System Platform 2014 R2 Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.9 |
2015-08-08 | CVE-2015-2980 | Yodobashi | Information Exposure vulnerability in Yodobashi 1.2.1.0 The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafted HTML document. | 6.8 |
2015-08-04 | CVE-2015-3963 | Windriver | Use of Insufficiently Random Values vulnerability in Windriver Vxworks Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. | 5.8 |
2015-08-08 | CVE-2015-5962 | Mozilla | Numeric Errors vulnerability in Mozilla Firefox OS Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter. | 5.0 |
2015-08-03 | CVE-2015-4936 | IBM | Denial of Service vulnerability in Multiple IBM Products Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors. | 5.0 |
2015-08-06 | CVE-2015-3636 | Linux Debian Redhat Canonical | Local Privilege Escalation vulnerability in Linux Kernel The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. | 4.9 |
2015-08-05 | CVE-2015-4167 | Debian Linux Canonical | Numeric Errors vulnerability in multiple products The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. | 4.7 |
2015-08-08 | CVE-2015-4494 | Mozilla | Information Exposure vulnerability in Mozilla Firefox OS Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app. | 4.3 |
2015-08-08 | CVE-2015-2745 | Mozilla | Cross-site Scripting vulnerability in Mozilla Firefox OS Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows action, as demonstrated by embedding an arbitrary application or spoofing the account-creation page. | 4.3 |
2015-08-08 | CVE-2015-2744 | Mozilla | Cross-site Scripting vulnerability in Mozilla Firefox OS Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view. | 4.3 |
2015-08-05 | CVE-2015-3439 | Debian Wordpress | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as demonstrated by executing a certain click function, related to _init.as and _fireEvent.as. | 4.3 |
2015-08-05 | CVE-2015-3438 | Wordpress Debian | Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment. | 4.3 |
2015-08-04 | CVE-2015-3960 | Garrettcom | Cryptographic Issues vulnerability in Garrettcom Magnum 10K Firmware and Magnum 6K Firmware The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation. | 4.3 |
2015-08-04 | CVE-2015-3942 | Garrettcom | Cross-site Scripting vulnerability in Garrettcom Magnum 10K Firmware and Magnum 6K Firmware Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-08-03 | CVE-2015-3440 | Debian Wordpress | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. | 4.3 |
2015-08-03 | CVE-2015-5537 | Siemens | Cleartext Storage of Sensitive Information vulnerability in Siemens products The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566. | 4.3 |
2015-08-03 | CVE-2015-5623 | Wordpress Debian | Improper Access Control vulnerability in multiple products WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php. | 4.0 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-04 | CVE-2015-3961 | Garrettcom | Resource Management Errors vulnerability in Garrettcom Magnum 10K Firmware and Magnum 6K Firmware The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL. | 3.5 |
2015-08-03 | CVE-2015-5622 | Wordpress Debian | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php. | 3.5 |
2015-08-08 | CVE-2015-5961 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox OS The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server. | 3.3 |
2015-08-03 | CVE-2015-1970 | IBM | Information Exposure vulnerability in IBM Websphere Datapower Xc10 Appliance Firmware The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere. | 2.1 |
2015-08-03 | CVE-2015-5084 | Siemens | Information Exposure vulnerability in Siemens products The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors. | 2.1 |
2015-08-08 | CVE-2015-5960 | Mozilla | Improper Access Control vulnerability in Mozilla Firefox OS Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volumes by using the USB interface for a mount operation. | 1.9 |