Weekly Vulnerabilities Reports > November 30 to December 6, 2015
Overview
64 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 42 high severity vulnerabilities. This weekly summary report vulnerabilities in 45 products from 17 vendors including Google, Pcre, Fedoraproject, Cisco, and PHP. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Improper Input Validation", "Numeric Errors", and "Resource Management Errors".
- 61 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities have public exploit available.
- 3 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 64 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 27 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-12-06 | CVE-2015-8480 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg. | 10.0 | |
2015-12-06 | CVE-2015-6787 | Security vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 10.0 | |
2015-12-06 | CVE-2015-6765 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. | 10.0 | |
2015-12-02 | CVE-2015-8024 | Mcafee | OS Command Injection vulnerability in Mcafee Enterprise Security Manager McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote attackers to bypass authentication by logging in with the username "NGCP|NGCP|NGCP;" and any password. | 9.3 |
2015-12-02 | CVE-2015-8391 | Pcre Oracle Fedoraproject Redhat PHP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 9.0 |
42 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-12-05 | CVE-2015-6849 | EMC | Improper Input Validation vulnerability in EMC Networker EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages. | 7.8 |
2015-12-05 | CVE-2015-6391 | Cisco | Resource Management Errors vulnerability in Cisco Unified SIP Phone 3900 Firmware Cisco Unified SIP 3905 phones allow remote attackers to cause a denial of service (resource consumption and functionality loss) via a large amount of network traffic, aka Bug ID CSCuh51331. | 7.8 |
2015-12-06 | CVE-2015-3194 | Openssl Canonical Debian Nodejs | NULL Pointer Dereference vulnerability in multiple products crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. | 7.5 |
2015-12-06 | CVE-2015-3193 | Openssl Nodejs Canonical | Information Exposure vulnerability in multiple products The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. | 7.5 |
2015-12-06 | CVE-2015-8479 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device. | 7.5 | |
2015-12-06 | CVE-2015-8478 | Security vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 7.5 | |
2015-12-06 | CVE-2015-6781 | Numeric Errors vulnerability in Google Chrome Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container. | 7.5 | |
2015-12-06 | CVE-2015-6778 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2 compression. | 7.5 | |
2015-12-06 | CVE-2015-6777 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions. | 7.5 | |
2015-12-06 | CVE-2015-6775 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." <a href="http://cwe.mitre.org/data/definitions/843.html">CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')</a> | 7.5 | |
2015-12-06 | CVE-2015-6774 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data. | 7.5 | |
2015-12-06 | CVE-2015-6773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data. | 7.5 | |
2015-12-06 | CVE-2015-6772 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin. | 7.5 | |
2015-12-06 | CVE-2015-6771 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. | 7.5 | |
2015-12-06 | CVE-2015-6770 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768. | 7.5 | |
2015-12-06 | CVE-2015-6769 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. | 7.5 | |
2015-12-06 | CVE-2015-6768 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. | 7.5 | |
2015-12-06 | CVE-2015-6767 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. | 7.5 | |
2015-12-06 | CVE-2015-6766 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. | 7.5 | |
2015-12-06 | CVE-2015-6764 | Google Nodejs Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. | 7.5 |
2015-12-03 | CVE-2015-8078 | Opensuse Cyrus | Numeric Errors vulnerability in multiple products Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the section_offset variable. | 7.5 |
2015-12-03 | CVE-2015-8077 | Cyrus Opensuse | Numeric Errors vulnerability in multiple products Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. | 7.5 |
2015-12-03 | CVE-2015-8076 | Opensuse Cyrus | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified other impact via vectors related to the urlfetch range, which triggers an out-of-bounds heap read. | 7.5 |
2015-12-03 | CVE-2015-0860 | Canonical Debian | Numeric Errors vulnerability in multiple products Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow. | 7.5 |
2015-12-03 | CVE-2015-0859 | Debian | Code vulnerability in Debian Linux 7.0/8.0 The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments. | 7.5 |
2015-12-02 | CVE-2015-8395 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library 8.36/8.37 PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8392. | 7.5 |
2015-12-02 | CVE-2015-8394 | Pcre PHP | Integer Overflow or Wraparound vulnerability in multiple products PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8392 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library 8.36/8.37 PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395. | 7.5 |
2015-12-02 | CVE-2015-8390 | Pcre Fedoraproject PHP | Use of Uninitialized Resource vulnerability in multiple products PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8389 | Pcre Fedoraproject PHP | Incorrect Regular Expression vulnerability in multiple products PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8388 | Oracle Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8387 | Pcre Fedoraproject PHP | Integer Overflow or Wraparound vulnerability in multiple products PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8386 | Pcre Fedoraproject Oracle PHP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8385 | Oracle Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8384 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library 8.36/8.37 PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain recursive back references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8392 and CVE-2015-8395. | 7.5 |
2015-12-02 | CVE-2015-8383 | Pcre Fedoraproject PHP | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8381 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library 8.36/8.37 The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before 10.2x mishandles the /(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/ and /(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/ patterns, and related patterns with certain group references, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-8380 | Pcre Fedoraproject | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-2328 | Oracle Pcre | Data Processing Errors vulnerability in multiple products PCRE before 8.36 mishandles the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-02 | CVE-2015-2327 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library PCRE before 8.36 mishandles the /(((a\2)|(a*)\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | 7.5 |
2015-12-03 | CVE-2015-6383 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XE 15.4(3)S Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130. | 7.2 |
2015-12-01 | CVE-2015-6385 | Cisco | Improper Input Validation vulnerability in Cisco IOS 15.5(2)S/15.5(3)S The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943. | 7.2 |
17 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2015-12-06 | CVE-2015-6780 | Multiple Security vulnerability in Google Chrome Prior to 47.0.2526.73 Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc. | 6.8 | |
2015-12-06 | CVE-2015-6776 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform. | 6.8 | |
2015-12-02 | CVE-2015-8382 | Pcre | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre Perl Compatible Regular Expression Library 8.36 The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547. | 6.4 |
2015-12-06 | CVE-2015-3195 | Apple Oracle Openssl Redhat Canonical Debian Opensuse Suse Fedoraproject | Information Exposure vulnerability in multiple products The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. | 5.3 |
2015-12-05 | CVE-2015-6388 | Cisco | Security Bypass vulnerability in Cisco Unified Computing System Central Software 1.3(0.1) Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575. | 5.0 |
2015-12-02 | CVE-2015-8393 | Pcre Fedoraproject PHP | Information Exposure vulnerability in multiple products pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client. | 5.0 |
2015-12-01 | CVE-2015-6386 | Cisco | Resource Management Errors vulnerability in Cisco web Security Appliance 8.0.7142/8.5.1021 The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150. | 5.0 |
2015-12-05 | CVE-2015-6394 | Cisco | Resource Management Errors vulnerability in Cisco Nx-Os 5.2(9)N1(1) The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408. | 4.9 |
2015-12-06 | CVE-2015-6786 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a * pattern, which allows remote attackers to bypass intended scheme restrictions in opportunistic circumstances by leveraging a policy that relies on this pattern. | 4.3 | |
2015-12-06 | CVE-2015-6785 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains. | 4.3 | |
2015-12-06 | CVE-2015-6784 | Improper Input Validation vulnerability in Google Chrome The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring. | 4.3 | |
2015-12-06 | CVE-2015-6783 | Improper Input Validation vulnerability in Google Android 5.0/6.0 The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive. | 4.3 | |
2015-12-06 | CVE-2015-6782 | Improper Input Validation vulnerability in Google Chrome The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526.73 does not ensure that page-dismissal event handling is compatible with modal-dialog blocking, which makes it easier for remote attackers to spoof Omnibox content via a crafted web site. | 4.3 | |
2015-12-06 | CVE-2015-6779 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL. | 4.3 | |
2015-12-05 | CVE-2015-6387 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 1.3(0.1) Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573. | 4.3 |
2015-12-05 | CVE-2015-6384 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Webex Meetings 8.0Base The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442. | 4.3 |
2015-12-03 | CVE-2015-6390 | Cisco | Cross-site Scripting vulnerability in Cisco Unity Connection 9.1(1.10) Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741. | 4.3 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|