Weekly Vulnerabilities Reports > August 31 to September 6, 2015
Overview
86 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 17 high severity vulnerabilities. This weekly summary report vulnerabilities in 74 products from 51 vendors including Linux, Cisco, Mediawiki, Basware, and Fortinet. Vulnerabilities are notably categorized as "Cross-site Scripting", "Resource Management Errors", "Information Exposure", "Permissions, Privileges, and Access Controls", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 67 reported vulnerabilities are remotely exploitables.
- 11 reported vulnerabilities have public exploit available.
- 32 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 67 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
4 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-31 | CVE-2015-2135 | HP | Unspecified vulnerability in HP Intelligent Provisioning Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2015-09-04 | CVE-2014-9605 | Netsweeper | Improper Authentication vulnerability in Netsweeper WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' (single quote) character in the login and password parameters to webupgrade/webupgrade.php. | 9.4 |
2015-09-04 | CVE-2015-6259 | Cisco | Improper Input Validation vulnerability in Cisco products The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625. | 9.4 |
2015-09-04 | CVE-2015-4544 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Content Server 7.1/7.2 EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authorization for dm_job object access, which allows remote authenticated users to obtain superuser privileges via crafted object operations. | 9.0 |
17 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-08-31 | CVE-2014-2331 | Check MK Project | Code Injection vulnerability in Check MK Project Check MK Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. | 8.5 |
2015-09-05 | CVE-2015-5722 | ISC Apple | Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. | 7.8 |
2015-09-04 | CVE-2015-6812 | Invisionpower Invisioncommunity | Resource Management Errors vulnerability in Invisioncommunity Invision Power Board Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.0.12.1 allows remote attackers to cause a denial of service (loop and memory consumption) via a crafted URL. | 7.8 |
2015-08-31 | CVE-2015-6272 | Cisco | Resource Management Errors vulnerability in Cisco IOS XE Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064. | 7.8 |
2015-08-31 | CVE-2015-6271 | Cisco | Resource Management Errors vulnerability in Cisco IOS XE Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008. | 7.8 |
2015-08-31 | CVE-2015-6270 | Cisco | Resource Management Errors vulnerability in Cisco IOS XE 2.2.1/2.2.2 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv6 packet, aka Bug ID CSCsv98555. | 7.8 |
2015-08-31 | CVE-2015-6269 | Cisco | Resource Management Errors vulnerability in Cisco IOS XE 2.2.1/2.2.2 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted (1) IPv4 or (2) IPv6 packet, aka Bug ID CSCsw69990. | 7.8 |
2015-09-04 | CVE-2015-6811 | Cyberoam | SQL Injection vulnerability in Cyberoam Cyberoamos 10.6.2 SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml. | 7.5 |
2015-09-04 | CVE-2015-4538 | EMC | XML External Entity Injection vulnerability in EMC Atmos 2.2.3/2.3.0 The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 allows remote authenticated users to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.5 |
2015-09-02 | CVE-2015-3308 | GNU Canonical | Denial of Service vulnerability in GnuTLS 'x509_ext.c' Use After Free Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. | 7.5 |
2015-09-01 | CVE-2015-6728 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack. | 7.5 |
2015-09-01 | CVE-2015-6520 | Ippusbxd Project | Permissions, Privileges, and Access Controls vulnerability in Ippusbxd Project Ippusbxd 1.21.2 IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request. | 7.5 |
2015-08-31 | CVE-2015-6750 | Ricoh | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ricoh Dl-1 Sr10 Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command. | 7.5 |
2015-09-03 | CVE-2015-5737 | Fortinet | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call. | 7.2 |
2015-09-03 | CVE-2015-5736 | Fortinet | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call. | 7.2 |
2015-09-03 | CVE-2015-5735 | Fortinet | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call. | 7.2 |
2015-09-05 | CVE-2015-5986 | ISC Apple | Improper Input Validation vulnerability in multiple products openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. | 7.1 |
48 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-09-02 | CVE-2015-4330 | Cisco | OS Command Injection vulnerability in Cisco Telepresence Video Communication Server Software X8.5.2 A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556. | 6.9 |
2015-09-05 | CVE-2015-2991 | Nscripter Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nscripter Project Nscripter Buffer overflow in NScripter before 3.00 allows remote attackers to execute arbitrary code via crafted save data. | 6.8 |
2015-09-03 | CVE-2015-6545 | Webgroupmedia | Cross-Site Request Forgery (CSRF) vulnerability in Webgroupmedia Cerb Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action. | 6.8 |
2015-08-31 | CVE-2015-6655 | Pligg | Cross-Site Request Forgery (CSRF) vulnerability in Pligg CMS 2.0.2 Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php. | 6.8 |
2015-08-31 | CVE-2014-2330 | Check MK Project | Cross-Site Request Forgery (CSRF) vulnerability in Check MK Project Check MK Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors. | 6.8 |
2015-08-31 | CVE-2015-6743 | Basware | Credentials Management vulnerability in Basware Banking Basware Banking (Maksuliikenne) 8.90.07.X uses a hardcoded password for an unspecified account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. | 6.5 |
2015-08-31 | CVE-2015-6742 | Basware | Credentials Management vulnerability in Basware Banking Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded password for the ANCO account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. | 6.5 |
2015-09-02 | CVE-2015-6277 | Cisco | Resource Management Errors vulnerability in Cisco products The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292. | 6.1 |
2015-08-31 | CVE-2015-0943 | Basware | Information Exposure vulnerability in Basware Banking Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream. | 5.8 |
2015-08-31 | CVE-2015-5717 | Siemens | Cryptographic Issues vulnerability in Siemens Compas 1.5 The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
2015-08-31 | CVE-2014-2332 | Check MK Project | Improper Input Validation vulnerability in Check MK Project Check MK Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330. | 5.5 |
2015-09-05 | CVE-2015-6276 | Cisco | Information Exposure vulnerability in Cisco Telepresence System Software IX 8.0.3 Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. | 5.0 |
2015-09-04 | CVE-2015-5688 | Geddyjs | Path Traversal vulnerability in Geddyjs Geddy 13.0.7 Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI. | 5.0 |
2015-09-02 | CVE-2015-6274 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco ASR 1000 Series Software 15.5(3)S The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273. | 5.0 |
2015-09-01 | CVE-2015-6736 | Quiz Project | Code vulnerability in Quiz Project Quiz The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression. | 5.0 |
2015-09-01 | CVE-2015-6735 | Timedmediahandler Project | Code vulnerability in Timedmediahandler Project Timedmediahandler The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service (transcode deletion) by resetting a transcode. | 5.0 |
2015-09-01 | CVE-2015-6733 | Mediawiki | Resource Management Errors vulnerability in Mediawiki GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. | 5.0 |
2015-09-01 | CVE-2015-6727 | Mediawiki Canonical | Information Exposure vulnerability in multiple products The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text. | 5.0 |
2015-09-01 | CVE-2013-7444 | Mediawiki | Information Exposure vulnerability in Mediawiki The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text. | 5.0 |
2015-08-31 | CVE-2015-6747 | Basware | Information Exposure vulnerability in Basware Banking Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vectors. | 5.0 |
2015-08-31 | CVE-2015-5366 | Linux Redhat | Resource Management Errors vulnerability in Linux Kernel The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. | 5.0 |
2015-08-31 | CVE-2015-6526 | Linux | Resource Management Errors vulnerability in Linux Kernel The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace. | 4.9 |
2015-08-31 | CVE-2015-4700 | Linux | Code vulnerability in Linux Kernel The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. | 4.9 |
2015-08-31 | CVE-2015-1333 | Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys. | 4.9 |
2015-08-31 | CVE-2014-9730 | Linux | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
2015-08-31 | CVE-2014-9729 | Linux | Local Denial of Service vulnerability in Linux Kernel UDF File System The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image. | 4.9 |
2015-08-31 | CVE-2014-9728 | Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c. | 4.9 |
2015-08-31 | CVE-2015-6745 | Basware | Permissions, Privileges, and Access Controls vulnerability in Basware Banking Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. | 4.6 |
2015-08-31 | CVE-2015-5706 | Linux Canonical Debian | Use After Free vulnerability in multiple products Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. | 4.6 |
2015-09-05 | CVE-2015-2986 | Rakuto | Cross-site Scripting vulnerability in Rakuto Rktsns2 0.2.2B Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS2) 0.2.2b allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-09-05 | CVE-2015-2985 | Guide Park | Cross-site Scripting vulnerability in Guide-Park BBS X102 1.03 Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-09-04 | CVE-2015-6809 | Bedita | Cross-site Scripting vulnerability in Bedita Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cfg[projectName] parameter to index.php/admin/saveConfig, the (2) data[stats_provider_url] parameter to index.php/areas/saveArea, or the (3) data[description] parameter to index.php/areas/saveSection. | 4.3 |
2015-09-04 | CVE-2015-5612 | Octobercms | Cross-site Scripting vulnerability in Octobercms October Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image. | 4.3 |
2015-09-03 | CVE-2015-4552 | Mybb | Cross-site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the content of a post. | 4.3 |
2015-09-03 | CVE-2015-6506 | Bestpractical | Cross-site Scripting vulnerability in Bestpractical Request Tracker Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key. | 4.3 |
2015-09-01 | CVE-2015-6737 | Widgets Project | Cross-site Scripting vulnerability in Widgets Project Widgets Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content. | 4.3 |
2015-09-01 | CVE-2015-6734 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-09-01 | CVE-2015-6732 | Semanticforms Project | Cross-site Scripting vulnerability in Semanticforms Project Semanticforms Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) "Template label (optional)" field in a form, or a (3) Field name in a template. | 4.3 |
2015-09-01 | CVE-2015-6731 | Semanticforms Project | Cross-site Scripting vulnerability in Semanticforms Project Semanticforms Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via a (1) section_*, (2) template_*, (3) label_*, or (4) new_template parameter to Special:CreateForm or (5) target or (6) alt_form parameter to Special:FormEdit. | 4.3 |
2015-09-01 | CVE-2015-6730 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images." | 4.3 |
2015-09-01 | CVE-2015-6729 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled in an error page. | 4.3 |
2015-09-01 | CVE-2015-2807 | Documentcloud | Cross-site Scripting vulnerability in Documentcloud Navis Documentcloud Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter. | 4.3 |
2015-08-31 | CVE-2014-6616 | Softing | Cross-site Scripting vulnerability in Softing Fg-X00 Profibus Firmware 2.02.0.00 Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | 4.3 |
2015-08-31 | CVE-2014-3148 | OK WEB Server Project | Cross-site Scripting vulnerability in OK web Server Project OK web Server Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page. | 4.3 |
2015-08-31 | CVE-2014-2570 | PHP Font LIB Project | Cross-site Scripting vulnerability in PHP Font LIB Project PHP Font LIB 0.3 Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | 4.3 |
2015-08-31 | CVE-2015-6744 | Basware | Unspecified vulnerability in Basware Banking Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client to enforce (1) login verification, (2) audit trail creation, and (3) account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability type and different affected versions. | 4.3 |
2015-09-05 | CVE-2015-2990 | Neojapan | Path Traversal vulnerability in Neojapan Desknet NEO Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. | 4.0 |
2015-09-02 | CVE-2015-6587 | Openafs Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC. | 4.0 |
17 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-09-04 | CVE-2015-6810 | Invisionpower | Cross-site Scripting vulnerability in Invisionpower Invision Power Board Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_location[address] array parameter to calendar/submit/. | 3.5 |
2015-09-04 | CVE-2015-6808 | Getlevelten | Cross-site Scripting vulnerability in Getlevelten Spotlight Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title. | 3.5 |
2015-09-03 | CVE-2015-1516 | Polycom | Cross-site Scripting vulnerability in Polycom Realpresence Cloudaxis Suite Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-09-02 | CVE-2015-6805 | Medhabidotcom | Cross-site Scripting vulnerability in Medhabidotcom MDC Private Message 1.0.0 Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a private message. | 3.5 |
2015-08-31 | CVE-2015-6753 | Quick Edit Project | Cross-site Scripting vulnerability in Quick Edit Project Quick Edit 7.X1.0/7.X1.1 Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an (1) entity title, related to in-place editing, or a (2) node title. | 3.5 |
2015-08-31 | CVE-2015-6751 | Time Tracker Project | Cross-site Scripting vulnerability in Time Tracker Project Time Tracker Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) note added to a time entry or an (2) activity used to categorize time tracker entries. | 3.5 |
2015-08-31 | CVE-2015-6535 | Youtube Embed Project | Cross-site Scripting vulnerability in Youtube Embed Project Youtube Embed 3.3.2 Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML via the Profile name field (youtube_embed_name parameter). | 3.5 |
2015-08-31 | CVE-2014-2329 | Check MK Project | Cross-site Scripting vulnerability in Check MK Project Check MK Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent string for a check_mk agent, a (2) crafted request to a monitored host, which is not properly handled by the logwatch module, or other unspecified vectors. | 3.5 |
2015-09-04 | CVE-2015-6807 | Mass Contact Project | Cross-site Scripting vulnerability in Mass Contact Project Mass Contact Cross-site scripting (XSS) vulnerability in the Mass Contact module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer mass contact" permission to inject arbitrary web script or HTML via a category label. | 2.1 |
2015-09-03 | CVE-2015-6654 | XEN | Permissions, Privileges, and Access Controls vulnerability in XEN 4.4.0/4.5.0/4.5.1 The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest. | 2.1 |
2015-09-03 | CVE-2015-4077 | Fortinet | Information Exposure vulnerability in Fortinet Forticlient The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call. | 2.1 |
2015-08-31 | CVE-2015-6754 | Path Breadcrumbs Project | Cross-site Scripting vulnerability in Path Breadcrumbs Project Path Breadcrumbs 7.X3.0/7.X3.1/7.X3.2 Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path Breadcrumbs" permission to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2015-08-31 | CVE-2015-6752 | Search API Autocomplete Project | Cross-site Scripting vulnerability in Search API Autocomplete Project Search API Autocomplete 7.X1.0/7.X1.1/7.X1.2 Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the returned suggestions. | 2.1 |
2015-08-31 | CVE-2015-6746 | Basware | Information Exposure vulnerability in Basware Banking Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. | 2.1 |
2015-08-31 | CVE-2015-5697 | Linux | Information Exposure vulnerability in Linux Kernel The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call. | 2.1 |
2015-08-31 | CVE-2015-3291 | Linux | Code vulnerability in Linux Kernel arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI. | 2.1 |
2015-08-31 | CVE-2014-9731 | Linux | Code vulnerability in Linux Kernel The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c. | 2.1 |