apache — camel |
XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attackers to read arbitrary files via an external entity in an SAXSource. |
2015-06-03 |
5.0 |
CVE-2015-0263 CONFIRM CONFIRM SECTRACK REDHAT |
apache — camel |
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query. |
2015-06-03 |
5.0 |
CVE-2015-0264 CONFIRM CONFIRM SECTRACK REDHAT |
apache — jackrabbit |
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request. |
2015-05-29 |
6.4 |
CVE-2015-1833 EXPLOIT-DB CONFIRM BID CONFIRM MLIST |
apache — sling_api |
Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to (1) org/apache/sling/api/servlets/HtmlResponse and (2) org/apache/sling/servlets/post/HtmlResponse. |
2015-06-02 |
4.3 |
CVE-2015-2944 CONFIRM JVNDB JVN |
beckwithelectric — m-2001d_digital_tapchanger_control |
Beckwith Electric M-6200 Digital Voltage Regulator Control with firmware before D-0198V04.07.00, M-6200A Digital Voltage Regulator Control with firmware before D-0228V02.01.07, M-2001D Digital Tapchanger Control with firmware before D-0214V01.10.04, M-6283A Three Phase Digital Capacitor Bank Control with firmware before D-0346V03.00.02, M-6280A Digital Capacitor Bank Control with firmware before D-0254V03.05.05, and M-6280 Digital Capacitor Bank Control do not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. |
2015-06-05 |
6.4 |
CVE-2014-9201 MISC |
blue_coat — ssl_visibility_appliance_sv1800_firmware |
Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack the authentication of administrators. |
2015-05-30 |
4.3 |
CVE-2015-2852 CERT-VN CONFIRM |
blue_coat — ssl_visibility_appliance_sv1800_firmware |
Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web sessions by providing a session ID. |
2015-05-30 |
6.8 |
CVE-2015-2853 CERT-VN CONFIRM |
blue_coat — ssl_visibility_appliance_sv1800_firmware |
The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via vectors involving an IFRAME element. |
2015-05-30 |
4.3 |
CVE-2015-2854 CERT-VN CONFIRM |
blue_coat — ssl_visibility_appliance_sv1800_firmware |
The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator’s cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, a different vulnerability than CVE-2015-4138. |
2015-05-30 |
4.3 |
CVE-2015-2855 CERT-VN CONFIRM |
blue_coat — ssl_visibility_appliance_sv1800_firmware |
The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator’s cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2015-2855. |
2015-05-30 |
4.3 |
CVE-2015-4138 CERT-VN CONFIRM |
cisco — headend_digital_broadband_delivery_system |
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580. |
2015-05-30 |
4.3 |
CVE-2015-0733 CISCO |
cisco — headend_digital_broadband_delivery_system |
Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. |
2015-05-30 |
5.0 |
CVE-2015-0743 CISCO |
cisco — headend_digital_broadband_delivery_system |
Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. |
2015-05-30 |
5.0 |
CVE-2015-0745 CISCO |
cisco — videoscape_conductor |
Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. |
2015-05-30 |
4.3 |
CVE-2015-0747 CISCO |
cisco — telepresence_video_communication_server |
Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. |
2015-05-29 |
4.3 |
CVE-2015-0752 CISCO |
cisco — unified_web_and_e-mail_interaction_manager |
SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028. |
2015-05-29 |
6.8 |
CVE-2015-0753 CISCO |
cisco — anyconnect_secure_mobility_client |
The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797. |
2015-05-29 |
6.8 |
CVE-2015-0755 CISCO |
cisco — wireless_lan_controller |
Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a denial of service (wireless-networking outage) via crafted TCP traffic on the local network, aka Bug ID CSCug67104. |
2015-05-29 |
6.1 |
CVE-2015-0756 CISCO |
cisco — identity_services_engine_software |
The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140. |
2015-05-29 |
5.0 |
CVE-2015-0757 CISCO |
cisco — unified_meetingplace |
The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCus97452. |
2015-05-30 |
4.0 |
CVE-2015-0758 CISCO |
cisco — headend_digital_broadband_delivery_system |
Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. |
2015-06-02 |
6.8 |
CVE-2015-0759 CISCO |
cisco — adaptive_security_appliance_software |
The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. |
2015-06-04 |
4.0 |
CVE-2015-0760 CISCO |
cisco — unified_meetingplace |
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft Outlook allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu51400. |
2015-06-04 |
4.3 |
CVE-2015-0762 CISCO |
cisco — unified_meetingplace |
Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allows remote attackers to obtain sensitive session information via a crafted URL, aka Bug ID CSCuu60338. |
2015-06-04 |
5.0 |
CVE-2015-0763 CISCO |
cisco — unified_meetingplace |
Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603. |
2015-06-04 |
5.0 |
CVE-2015-0764 CISCO |
cisco — ons_15454_system_software |
Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. |
2015-06-04 |
5.0 |
CVE-2015-0765 CISCO |
cisco — firesight_system_software |
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196. |
2015-06-04 |
4.3 |
CVE-2015-0766 CISCO |
djangoproject — django |
The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key. |
2015-06-02 |
5.0 |
CVE-2015-3982 CONFIRM |
emc — rsa_web_threat_detection |
Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users. |
2015-06-05 |
6.8 |
CVE-2015-0541 BUGTRAQ |
f21 — jwt |
JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signature verification via crafted tokens. |
2015-06-05 |
5.0 |
CVE-2015-2951 CONFIRM JVNDB JVN |
hp — smart_zero_core |
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors. |
2015-06-05 |
6.8 |
CVE-2015-2124 HP |
ibm — infosphere_master_data_management_server |
Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors. |
2015-06-02 |
6.5 |
CVE-2015-1945 CONFIRM |
ids — nc854 |
Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web server, as demonstrated by reading a TELNET credentials file. |
2015-05-31 |
6.8 |
CVE-2015-3939 MISC |
moodle — moodle |
mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 does not consider the moodle/course:manageactivities and mod/lti:addinstance capabilities before proceeding with registered-tool list searches, which allows remote authenticated users to obtain sensitive information via requests to the LTI Ajax service. |
2015-06-01 |
4.0 |
CVE-2015-0211 CONFIRM MLIST CONFIRM |
moodle — moodle |
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims. |
2015-06-01 |
6.8 |
CVE-2015-0213 CONFIRM MLIST CONFIRM |
moodle — moodle |
message/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to bypass a messaging-disabled setting via a web-services request, as demonstrated by a people-search request. |
2015-06-01 |
4.0 |
CVE-2015-0214 CONFIRM MLIST CONFIRM |
moodle — moodle |
calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to obtain sensitive calendar-event information via a web-services request. |
2015-06-01 |
4.0 |
CVE-2015-0215 CONFIRM MLIST CONFIRM |
moodle — moodle |
filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression. |
2015-06-01 |
6.8 |
CVE-2015-0217 CONFIRM MLIST CONFIRM |
moodle — moodle |
Cross-site request forgery (CSRF) vulnerability in auth/shibboleth/logout.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout. |
2015-06-01 |
6.8 |
CVE-2015-0218 CONFIRM MLIST CONFIRM |
moodle — moodle |
Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts. |
2015-06-01 |
6.8 |
CVE-2015-1493 CONFIRM MLIST MLIST CONFIRM CONFIRM |
moodle — moodle |
message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conversations, which allows remote authenticated users to obtain sensitive personal-contact and unread-message-count information via a modified URL. |
2015-06-01 |
4.0 |
CVE-2015-2266 CONFIRM MLIST CONFIRM |
moodle — moodle |
mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value. |
2015-06-01 |
4.0 |
CVE-2015-2267 CONFIRM MLIST CONFIRM |
moodle — moodle |
filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression. |
2015-06-01 |
6.8 |
CVE-2015-2268 CONFIRM MLIST CONFIRM |
moodle — moodle |
lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote attackers to obtain sensitive course information via unspecified vectors. |
2015-06-01 |
4.3 |
CVE-2015-2270 CONFIRM MLIST CONFIRM |
moodle — moodle |
tag/user.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/tag:flag capability before proceeding with a flaginappropriate action, which allows remote authenticated users to bypass intended access restrictions via the “Flag as inappropriate” feature. |
2015-06-01 |
4.0 |
CVE-2015-2271 CONFIRM MLIST CONFIRM |
moodle — moodle |
login/token.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass a forced-password-change requirement by creating a web-services token. |
2015-06-01 |
4.0 |
CVE-2015-2272 CONFIRM MLIST CONFIRM |
moodle — moodle |
Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header. |
2015-06-01 |
5.8 |
CVE-2015-3175 CONFIRM MLIST CONFIRM |
moodle — moodle |
The account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote attackers to obtain sensitive full-name information by attempting to self-register. |
2015-06-01 |
4.3 |
CVE-2015-3176 CONFIRM MLIST CONFIRM |
moodle — moodle |
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment. |
2015-06-01 |
4.0 |
CVE-2015-3180 CONFIRM MLIST CONFIRM |
moodle — moodle |
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restrictions by using web services to perform uploads after this capability has been revoked. |
2015-06-01 |
4.0 |
CVE-2015-3181 CONFIRM MLIST CONFIRM |
moxa — softcms |
Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary code via the StrRtspPath parameter. |
2015-06-05 |
6.8 |
CVE-2015-1000 MISC MISC |
open_explorer_beta_project — open_explorer_beta |
Directory traversal vulnerability in the Brandon Bowles Open Explorer application before 0.254 Beta for Android allows remote attackers to write to arbitrary files via a crafted filename. |
2015-06-05 |
6.4 |
CVE-2015-2950 JVNDB MISC JVN |
paloaltonetworks — pan-os |
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. |
2015-06-02 |
4.0 |
CVE-2015-4162 CONFIRM |
parityrate — roomcloud |
Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php in the Roomcloud plugin before 1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) pin, (2) start_day, (3) start_month, (4) start_year, (5) end_day, (6) end_month, (7) end_year, (8) lang, (9) adults, or (10) children parameter. |
2015-05-29 |
4.3 |
CVE-2015-3904 CONFIRM CONFIRM BID FULLDISC MISC |
rockwellautomation — rsview32 |
Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack. |
2015-05-31 |
4.9 |
CVE-2015-1010 MISC MISC |
sap — gui |
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316. |
2015-06-02 |
5.0 |
CVE-2015-2278 BUGTRAQ MISC FULLDISC FULLDISC MISC |
sap — hana |
The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818. |
2015-05-29 |
4.0 |
CVE-2015-3994 BUGTRAQ MISC FULLDISC MISC |
sap — hana |
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565. |
2015-05-29 |
4.0 |
CVE-2015-3995 BUGTRAQ MISC FULLDISC MISC |
sap — content_server |
SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995. |
2015-06-02 |
5.0 |
CVE-2015-4157 FULLDISC |
sap — netweaver_abap_application_server |
SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661. |
2015-06-02 |
5.0 |
CVE-2015-4158 FULLDISC |
sendio — sendio |
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Referrer HTTP header. |
2015-06-02 |
5.0 |
CVE-2014-0999 CONFIRM BUGTRAQ EXPLOIT-DB FULLDISC MISC |
sendio — sendio |
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users’ sessions via a large number of request. |
2015-06-02 |
4.0 |
CVE-2014-8391 EXPLOIT-DB CONFIRM BUGTRAQ FULLDISC MISC |
sensiolabs — symfony |
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment. |
2015-06-02 |
4.3 |
CVE-2015-4050 DEBIAN CONFIRM |
synology — cloud_station |
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename. |
2015-05-30 |
6.8 |
CVE-2015-2851 CONFIRM CERT-VN |
thycotic — password_manager_secret_server |
The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
2015-06-02 |
5.8 |
CVE-2015-4094 MISC |
wpmembership — wpmembership |
The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php. |
2015-06-03 |
6.5 |
CVE-2015-4038 BUGTRAQ BUGTRAQ MISC |
xen — xen |
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields. |
2015-06-03 |
4.9 |
CVE-2015-4103 CONFIRM |
xen — xen |
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. |
2015-06-03 |
4.9 |
CVE-2015-4105 CONFIRM |
xzeres — 442sr_os |
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default admin user via a GET request. |
2015-06-05 |
6.8 |
CVE-2015-3950 MISC |
zenphoto — zenphoto |
Cross-site scripting (XSS) vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2015-05-31 |
4.3 |
CVE-2015-2948 CONFIRM JVNDB JVN |
zenphoto — zenphoto |
Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2015-05-31 |
4.3 |
CVE-2015-2949 JVNDB JVN |
zeromq — zeromq |
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMPT v3 protocol security mechanisms via a ZMTP v2 or earlier header. |
2015-06-03 |
4.3 |
CVE-2014-9721 CONFIRM CONFIRM DEBIAN |