Weekly Vulnerabilities Reports > November 16 to 22, 2015
Overview
67 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 10 high severity vulnerabilities. This weekly summary report vulnerabilities in 73 products from 39 vendors including Cisco, Apple, Canonical, Adobe, and Debian. Vulnerabilities are notably categorized as "Information Exposure", "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Permissions, Privileges, and Access Controls".
- 57 reported vulnerabilities are remotely exploitables.
- 6 reported vulnerabilities have public exploit available.
- 14 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 60 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
7 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-11-21 | CVE-2015-7912 | Tibbo | Unspecified vulnerability in Tibbo Aggregate 5.21.02 The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document. | 10.0 |
2015-11-19 | CVE-2015-8236 | Arista | Permissions, Privileges, and Access Controls vulnerability in Arista EOS Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716. | 10.0 |
2015-11-18 | CVE-2015-8051 | Adobe | Security vulnerability in Adobe Premiere Clip The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors. | 10.0 |
2015-11-17 | CVE-2015-8221 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Picasa Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow. | 10.0 | |
2015-11-18 | CVE-2015-4852 | Oracle | Deserialization of Untrusted Data vulnerability in Oracle products The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. | 9.8 |
2015-11-21 | CVE-2015-7289 | Arris | Credentials Management vulnerability in Arris NA Model 862 GW Mono Firmware Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP. | 9.3 |
2015-11-17 | CVE-2015-7805 | Opensuse Mega Nerd | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file. | 9.3 |
10 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-11-19 | CVE-2015-8083 | Huawei | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Espace Firmware An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors. | 7.8 |
2015-11-19 | CVE-2015-7910 | Exemys | Improper Access Control vulnerability in Exemys Telemetry web Server Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body. | 7.8 |
2015-11-22 | CVE-2015-7036 | Apple | Improper Input Validation vulnerability in Apple Iphone OS and mac OS X The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument. | 7.5 |
2015-11-17 | CVE-2015-8220 | Solarwinds | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Solarwinds Dameware Mini Remote Control Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link. | 7.5 |
2015-11-16 | CVE-2015-7897 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file. | 7.5 |
2015-11-16 | CVE-2015-7816 | Matomo | Unspecified vulnerability in Matomo The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0 allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header. | 7.5 |
2015-11-16 | CVE-2015-7815 | Matomo | Path Traversal vulnerability in Matomo Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter. | 7.5 |
2015-11-21 | CVE-2015-7913 | Tibbo | Unspecified vulnerability in Tibbo Aggregate 5.21.02 ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class. | 7.2 |
2015-11-19 | CVE-2015-6370 | Cisco | OS Command Injection vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578. | 7.2 |
2015-11-17 | CVE-2015-5602 | Sudo Project | Permissions, Privileges, and Access Controls vulnerability in Sudo Project Sudo sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt." | 7.2 |
45 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-11-21 | CVE-2015-7291 | Arris | Cross-Site Request Forgery (CSRF) vulnerability in Arris NA Model 862 GW Mono Firmware Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users. | 6.8 |
2015-11-21 | CVE-2015-6376 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Telepresence Video Communication Server Software X8.5.1 Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412. | 6.8 |
2015-11-19 | CVE-2015-7984 | Horde Debian | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php. | 6.8 |
2015-11-18 | CVE-2015-7942 | HP Debian Apple Canonical Xmlsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941. | 6.8 |
2015-11-18 | CVE-2015-6373 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611. | 6.8 |
2015-11-18 | CVE-2015-6357 | Cisco | Improper Input Validation vulnerability in Cisco Firesight System Software The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide an invalid package, and consequently execute arbitrary code, via a crafted certificate, aka Bug ID CSCuw06444. | 6.8 |
2015-11-18 | CVE-2015-6330 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5.1/10.6.0 Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 10.6 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus62712. | 6.8 |
2015-11-20 | CVE-2015-7773 | Bastian Allgeier | Arbitrary File Creation vulnerability in Kirby Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2.1.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file that lacks an extension, and then renaming this file to have a .php extension. | 6.5 |
2015-11-16 | CVE-2015-7712 | Atutor | Unspecified vulnerability in Atutor Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter. | 6.5 |
2015-11-16 | CVE-2014-9752 | Atutor | Unspecified vulnerability in Atutor Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension as a customicon for a new course, then accessing it via a direct request to the file in content/. | 6.5 |
2015-11-17 | CVE-2015-5301 | Ipsilon Project | Permissions, Privileges, and Access Controls vulnerability in Ipsilon Project Ipsilon providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP). | 5.5 |
2015-11-19 | CVE-2015-8087 | Huawei | Resource Management Errors vulnerability in Huawei NE Router Software Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability." | 5.0 |
2015-11-19 | CVE-2015-7845 | Huawei | Improper Input Validation vulnerability in Huawei Espace Firmware The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets. | 5.0 |
2015-11-19 | CVE-2014-9756 | Libsndfile Project Canonical Opensuse | Divide By Zero vulnerability in multiple products The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. | 5.0 |
2015-11-19 | CVE-2015-6368 | Cisco | Information Exposure vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608. | 5.0 |
2015-11-17 | CVE-2015-7998 | Citrix | Information Exposure vulnerability in Citrix products The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2015-11-17 | CVE-2015-7996 | Citrix | Information Exposure vulnerability in Citrix products The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache. | 5.0 |
2015-11-17 | CVE-2015-7995 | Apple Xmlsoft | Remote Denial of Service vulnerability in libxslt 'libxslt/preproc.c' Type Confusion The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue. | 5.0 |
2015-11-17 | CVE-2015-5311 | Powerdns | Improper Input Validation vulnerability in Powerdns Authoritative 3.4.4/3.4.5/3.4.6 PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets. | 5.0 |
2015-11-17 | CVE-2015-5276 | GNU | Information Exposure vulnerability in GNU GCC The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors. | 5.0 |
2015-11-16 | CVE-2015-8215 | Linux | Improper Input Validation vulnerability in Linux Kernel net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. | 5.0 |
2015-11-19 | CVE-2015-6369 | Cisco | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531. | 4.9 |
2015-11-17 | CVE-2015-7812 | XEN | 7PK - Security Features vulnerability in XEN The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface. | 4.9 |
2015-11-17 | CVE-2015-8222 | Canonical | Permissions, Privileges, and Access Controls vulnerability in Canonical Ubuntu Linux 15.10 The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors. | 4.6 |
2015-11-16 | CVE-2015-7312 | Linux Canonical Debian | Use After Free vulnerability in multiple products Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c. | 4.4 |
2015-11-22 | CVE-2015-5859 | Apple | Information Exposure vulnerability in Apple Iphone OS and mac OS X The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | 4.3 |
2015-11-22 | CVE-2015-5787 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app. | 4.3 |
2015-11-21 | CVE-2015-7777 | Void Project | Cross-site Scripting vulnerability in Void Project Void Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | 4.3 |
2015-11-21 | CVE-2015-7290 | Arris | Cross-site Scripting vulnerability in Arris NA Model 862 GW Mono Firmware Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter. | 4.3 |
2015-11-21 | CVE-2009-5149 | Arris | Credentials Management vulnerability in Arris NA Model 862 GW Mono Firmware Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "password of the day" issue. | 4.3 |
2015-11-20 | CVE-2015-7772 | Newphoria Corporation | Cross-site Scripting vulnerability in Newphoria Corporation Applican Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers WebView anchor attachment in an applican application, a different vulnerability than CVE-2015-7771. | 4.3 |
2015-11-20 | CVE-2015-7771 | Newphoria Corporation | Cross-site Scripting vulnerability in Newphoria Corporation Applican Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID that is encountered by an applican application, a different vulnerability than CVE-2015-7772. | 4.3 |
2015-11-19 | CVE-2015-7385 | Open Xchange | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.0.0 Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in "Guard PGP Settings." | 4.3 |
2015-11-19 | CVE-2015-4112 | Blackberry | 7PK - Security Features vulnerability in Blackberry Enterprise Server 12.0/12.1 The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue. | 4.3 |
2015-11-19 | CVE-2015-6374 | Cisco | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604. | 4.3 |
2015-11-18 | CVE-2015-8053 | Adobe | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8052. | 4.3 |
2015-11-18 | CVE-2015-8052 | Adobe | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053. | 4.3 |
2015-11-18 | CVE-2015-5255 | HP Adobe | Improper Input Validation vulnerability in multiple products Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue. | 4.3 |
2015-11-18 | CVE-2015-7941 | Canonical Xmlsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities. | 4.3 |
2015-11-18 | CVE-2015-6372 | Cisco | Cross-site Scripting vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614. | 4.3 |
2015-11-17 | CVE-2015-8232 | UC Profile Project | Information Exposure vulnerability in UC Profile Project UC Profile 6.X1.1/6.X1.2 The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from the anonymous user profile via unspecified vectors. | 4.3 |
2015-11-17 | CVE-2015-7997 | Citrix | Cross-site Scripting vulnerability in Citrix products Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2015-11-19 | CVE-2015-6371 | Cisco | Information Exposure vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621. | 4.0 |
2015-11-18 | CVE-2015-8090 | Tibco | Information Exposure vulnerability in Tibco Loglogic Unity The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to gain privileges, and consequently obtain sensitive information, via an HTTP request. | 4.0 |
2015-11-17 | CVE-2015-5217 | Ipsilon Project | Permissions, Privileges, and Access Controls vulnerability in Ipsilon Project Ipsilon providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-11-16 | CVE-2015-2924 | Networkmanager Project | Improper Input Validation vulnerability in Networkmanager Project Networkmanager The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922. | 3.3 |
2015-11-18 | CVE-2015-8035 | Debian Xmlsoft Apple Canonical | Resource Management Errors vulnerability in multiple products The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. | 2.6 |
2015-11-17 | CVE-2015-8233 | Mayo Project | Cross-site Scripting vulnerability in Mayo Project Mayo Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings. | 2.6 |
2015-11-21 | CVE-2015-6375 | Cisco | Information Exposure vulnerability in Cisco IOS 15.2(2)E3 The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010. | 2.1 |
2015-11-18 | CVE-2015-6847 | EMC | Information Exposure vulnerability in EMC Vplex Geosynchrony 5.4 The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file. | 2.1 |