Original release date: February 09, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
- Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
- Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — acrobat | CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. | 2015-01-30 | 9.3 | CVE-2014-9161 MISC |
adobe — flash_player | Unspecified vulnerability in Adobe Flash Player through 13.0.0.264 and 14.x, 15.x, and 16.x through 16.0.0.296 on Windows and OS X and through 11.2.202.440 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in February 2015. | 2015-02-02 | 10.0 | CVE-2015-0313 SECTRACK BID SECUNIA |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330. | 2015-02-05 | 10.0 | CVE-2015-0314 |
adobe — flash_player | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322. | 2015-02-05 | 10.0 | CVE-2015-0315 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330. | 2015-02-05 | 10.0 | CVE-2015-0316 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-0319. | 2015-02-05 | 10.0 | CVE-2015-0317 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330. | 2015-02-05 | 10.0 | CVE-2015-0318 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified “type confusion,” a different vulnerability than CVE-2015-0317. | 2015-02-05 | 10.0 | CVE-2015-0319 |
adobe — flash_player | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0322. | 2015-02-05 | 10.0 | CVE-2015-0320 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330. | 2015-02-05 | 10.0 | CVE-2015-0321 |
adobe — flash_player | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0320. | 2015-02-05 | 10.0 | CVE-2015-0322 |
adobe — flash_player | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327. | 2015-02-05 | 10.0 | CVE-2015-0323 |
adobe — flash_player | Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors. | 2015-02-05 | 10.0 | CVE-2015-0324 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328. | 2015-02-05 | 10.0 | CVE-2015-0325 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328. | 2015-02-05 | 10.0 | CVE-2015-0326 |
adobe — flash_player | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323. | 2015-02-05 | 10.0 | CVE-2015-0327 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326. | 2015-02-05 | 10.0 | CVE-2015-0328 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330. | 2015-02-05 | 10.0 | CVE-2015-0329 |
adobe — flash_player | Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329. | 2015-02-05 | 10.0 | CVE-2015-0330 |
apple — apple_tv | Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink. | 2015-01-30 | 10.0 | CVE-2014-4480 |
apple — apple_tv | FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .dfont file. | 2015-01-30 | 7.5 | CVE-2014-4484 |
apple — apple_tv | Buffer overflow in the XML parser in Foundation in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | 2015-01-30 | 7.5 | CVE-2014-4485 |
apple — apple_tv | IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4486 |
apple — apple_tv | Buffer overflow in IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4487 |
apple — apple_tv | IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly validate resource-queue metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4488 |
apple — apple_tv | IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4489 |
apple — apple_tv | libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an _networkd context via a crafted XPC message from a sandboxed app, as demonstrated by lack of verification of the XPC dictionary data type. | 2015-01-30 | 7.5 | CVE-2014-4492 MISC APPLE |
apple — iphone_os | The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows attackers to obtain control of the local app container by leveraging access to an enterprise distribution certificate for signing a crafted app. | 2015-01-30 | 7.5 | CVE-2014-4493 |
apple — apple_tv | The kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not enforce the read-only attribute of a shared memory segment during use of a custom cache mode, which allows attackers to bypass intended access restrictions via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4495 |
apple — mac_os_x | Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X before 10.10 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (write to kernel memory) via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-4497 |
apple — mac_os_x | coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value API return values during handling of a (1) match_mmap_archives, (2) delete_mmap_archives, (3) write_mmap_archive, or (4) read_mmap_archive command. | 2015-01-30 | 10.0 | CVE-2014-8817 MISC |
apple — mac_os_x | The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8820 and CVE-2014-8821. | 2015-01-30 | 7.2 | CVE-2014-8819 |
apple — mac_os_x | The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8821. | 2015-01-30 | 7.2 | CVE-2014-8820 |
apple — mac_os_x | The Intel Graphics Driver in Apple OS X before 10.10.2 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2014-8819 and CVE-2014-8820. | 2015-01-30 | 7.2 | CVE-2014-8821 |
apple — mac_os_x | IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method. | 2015-01-30 | 10.0 | CVE-2014-8822 |
apple — mac_os_x | The kernel in Apple OS X before 10.10.2 does not properly validate IODataQueue object metadata fields, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-8824 |
apple — mac_os_x | The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors. | 2015-01-30 | 7.2 | CVE-2014-8825 |
apple — mac_os_x | Sandbox in Apple OS X before 10.10 allows attackers to write to the sandbox-profile cache via a sandboxed app that includes a com.apple.sandbox segment in a path. | 2015-01-30 | 7.5 | CVE-2014-8828 XF |
apple — mac_os_x | SceneKit in Apple OS X before 10.10.2 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app. | 2015-01-30 | 7.5 | CVE-2014-8829 XF |
apple — mac_os_x | The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary’s Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an “XPC type confusion” issue. | 2015-01-30 | 10.0 | CVE-2014-8835 MISC XF BID EXPLOIT-DB |
apple — mac_os_x | The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (arbitrary-size bzero of kernel memory) via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-8836 XF SECTRACK MISC |
apple — mac_os_x | Multiple unspecified vulnerabilities in the Bluetooth driver in Apple OS X before 10.10.2 allow attackers to execute arbitrary code in a privileged context via a crafted app. | 2015-01-30 | 10.0 | CVE-2014-8837 XF |
arubanetworks — instant_access_point_firmware | Heap-based buffer overflow in Aruba Instant (IAP) with firmware before 4.0.0.7 and 4.1.x before 4.1.1.2 allows remote attackers to cause a denial of service (crash or reset to factory default) via a malformed frame to the wireless interface. | 2015-02-03 | 7.8 | CVE-2015-1348 |
avg — internet_security | The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call. | 2015-02-06 | 7.2 | CVE-2014-9632 OSVDB MISC EXPLOIT-DB MISC |
bluecoat — proxyclient | Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate. | 2015-02-02 | 7.1 | CVE-2015-1454 SECUNIA |
clamav — clamav | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a “heap out of bounds condition.” | 2015-02-03 | 7.5 | CVE-2014-9328 BID SECTRACK SECUNIA SECUNIA FEDORA FEDORA |
clamav — clamav | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda’s crypter or (2) mew packer file, related to a “heap out of bounds condition.” | 2015-02-03 | 7.5 | CVE-2015-1461 SECTRACK SECUNIA FEDORA FEDORA |
clamav — clamav | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a “heap out of bounds condition.” | 2015-02-03 | 7.5 | CVE-2015-1462 SECTRACK SECUNIA FEDORA FEDORA |
cmsjunkie — j-classifiedsmanager | SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads. | 2015-02-04 | 7.5 | CVE-2015-1477 EXPLOIT-DB MISC OSVDB |
comodo — backup | The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference. | 2015-02-03 | 7.5 | CVE-2014-9633 EXPLOIT-DB MISC CONFIRM |
content_rating_extbase_project — content_rating_extbase | SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2015-02-03 | 7.5 | CVE-2015-1405 BID MLIST MLIST |
content_rating_project — content_rating | SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2015-02-03 | 7.5 | CVE-2015-1403 BID MLIST MLIST |
cybozu — remote_service_manager | Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1983. | 2015-02-01 | 7.8 | CVE-2014-7266 |
ecommercemajor_project — ecommercemajor | Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the (1) productbycat parameter to product.php, or (2) username or (3) password parameter to __admin/index.php. | 2015-02-04 | 7.5 | CVE-2015-1476 EXPLOIT-DB MISC OSVDB OSVDB |
fluxbb — fluxbb | Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter. | 2015-02-03 | 9.3 | CVE-2014-9574 MISC XF |
fortinet — fortios | The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages. | 2015-02-02 | 7.8 | CVE-2015-1452 MISC FULLDISC |
fortinet — fortiauthenticator | Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors. | 2015-02-03 | 7.5 | CVE-2015-1455 BID MISC MISC |
freebsd — freebsd | Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 10.1 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index error and out-of-bounds kernel memory access. | 2015-02-02 | 7.2 | CVE-2014-0998 BUGTRAQ MISC FULLDISC |
freebsd — freebsd | The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk. | 2015-02-02 | 7.8 | CVE-2014-8613 SECTRACK BID |
google — chrome | Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor. | 2015-02-06 | 7.5 | CVE-2015-1209 CONFIRM CONFIRM |
google — chrome | The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI. | 2015-02-06 | 7.5 | CVE-2015-1211 CONFIRM |
google — chrome | Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2015-02-06 | 7.5 | CVE-2015-1212 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
huawei — quidway_firmware | Huawei Quidway switches with firmware before V200R005C00SPC300 allow remote attackers to gain privileges via a crafted packet. | 2015-02-03 | 7.5 | CVE-2015-1460 |
i-o_data_device — np-bbrm | I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests. | 2015-02-01 | 7.8 | CVE-2015-0869 |
ibm — tivoli_monitoring | IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands. | 2015-02-01 | 8.5 | CVE-2014-6141 XF |
netapp — oncommand_balance | NetApp OnCommand Balance before 4.2P2 contains a “default privileged account,” which allows remote attackers to gain privileges via unspecified vectors. | 2015-02-06 | 10.0 | CVE-2014-9353 |
npds — revolution | SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter. | 2015-02-03 | 7.5 | CVE-2015-1400 MISC MISC |
pexip — pexip_infinity | Pexip Infinity before 8 uses the same SSH host keys across different customers’ installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys. | 2015-02-03 | 7.1 | CVE-2014-8779 BID BUGTRAQ MISC |
piwigo — piwigo | SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2015-02-03 | 7.5 | CVE-2015-1441 BID SECUNIA |
restaurantbiller — restaurant_biller | SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php. | 2015-02-02 | 7.5 | CVE-2015-1450 MISC |
schneider-electric — somachine | Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors. | 2015-02-01 | 7.5 | CVE-2014-9200 |
sefrengo — sefrengo | Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id parameter in a save_value action to backend/main.php. | 2015-02-03 | 7.5 | CVE-2015-1428 MISC MISC BUGTRAQ MISC EXPLOIT-DB |
servision — hvg_video_gateway_firmware | time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response. | 2015-02-03 | 10.0 | CVE-2015-0929 |
servision — hvg_video_gateway_firmware | The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session. | 2015-02-03 | 10.0 | CVE-2015-0930 |
servision — hvg_video_gateway_firmware | time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930. | 2015-02-03 | 9.0 | CVE-2015-1469 |
shiromuku — bu2_bbs | Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS before 2.91 allows remote attackers to execute arbitrary code by uploading an executable file. | 2015-02-01 | 7.5 | CVE-2015-0868 |
siemens — ruggedcom_firmware | The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors. | 2015-02-02 | 10.0 | CVE-2015-1448 |
siemens — ruggedcom_firmware | Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors. | 2015-02-02 | 10.0 | CVE-2015-1449 |
symantec — encryption_management_server | Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action. | 2015-01-31 | 9.0 | CVE-2014-7288 BID |
zohocorp — manageengine_opmanager | Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. | 2015-02-04 | 7.5 | CVE-2014-7864 CONFIRM MISC XF BUGTRAQ FULLDISC MISC |
Medium Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
ansible — tower | Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account. | 2015-02-04 | 6.5 | CVE-2015-1481 MISC BUGTRAQ EXPLOIT-DB FULLDISC MISC |
ansible — tower | Ansible Tower (aka Ansible UI) before 2.0.5 allows remote attackers to bypass authentication and obtain sensitive information via a websocket connection to socket.io/1/. | 2015-02-04 | 5.0 | CVE-2015-1482 MISC BUGTRAQ EXPLOIT-DB FULLDISC MISC |
apache — qpid | Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling. | 2015-02-02 | 5.0 | CVE-2015-0223 BID BUGTRAQ MISC |
apple — iphone_os | WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site. | 2015-01-30 | 4.3 | CVE-2014-4467 |
apple — apple_tv | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. | 2015-01-30 | 6.8 | CVE-2014-4476 |
apple — apple_tv | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. | 2015-01-30 | 6.8 | CVE-2014-4477 |
apple — apple_tv | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. | 2015-01-30 | 6.8 | CVE-2014-4479 |
apple — apple_tv | Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | 2015-01-30 | 6.8 | CVE-2014-4481 |
apple — apple_tv | Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document. | 2015-01-30 | 6.8 | CVE-2014-4483 |
apple — apple_tv | The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app. | 2015-01-30 | 5.0 | CVE-2014-4491 |
apple — iphone_os | Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate for signing a crafted app. | 2015-01-30 | 6.8 | CVE-2014-4494 |
apple — mac_os_x | The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the “Thunderstrike” issue. | 2015-01-30 | 4.9 | CVE-2014-4498 MISC |
apple — mac_os_x | CoreGraphics in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PDF document. | 2015-01-30 | 6.8 | CVE-2014-8816 |
apple — mac_os_x | The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument. | 2015-01-30 | 4.7 | CVE-2014-8823 MISC |
apple — mac_os_x | LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive. | 2015-01-30 | 5.0 | CVE-2014-8826 BUGTRAQ FULLDISC |
apple — mac_os_x | Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted accessor element in a Collada file. | 2015-01-30 | 6.8 | CVE-2014-8830 XF |
apple — mac_os_x | security_taskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a (1) self-signed certificate or (2) Developer ID certificate. | 2015-01-30 | 5.0 | CVE-2014-8831 XF |
apple — mac_os_x | The indexing functionality in Spotlight in Apple OS X before 10.10.2 writes memory contents to an external hard drive, which allows local users to obtain sensitive information by reading from this drive. | 2015-01-30 | 4.9 | CVE-2014-8832 XF |
apple — mac_os_x | The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by leveraging access to a revoked Developer ID certificate for signing a crafted app. | 2015-01-30 | 4.3 | CVE-2014-8838 XF |
apple — mac_os_x | Spotlight in Apple OS X before 10.10.2 does not enforce the Mail “Load remote content in messages” configuration, which allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image’s URL. | 2015-01-30 | 5.0 | CVE-2014-8839 XF MISC SECTRACK MISC |
apple — iphone_os | The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store. | 2015-01-30 | 6.8 | CVE-2014-8840 MISC XF |
asus — rt-ac56s | ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 2015-02-01 | 6.5 | CVE-2014-7269 |
asus — rt-ac56s | Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users. | 2015-02-01 | 6.8 | CVE-2014-7270 |
asus — rt-n10+d1_firmware | Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 router with firmware 2.1.1.1.70 allow remote attackers to inject arbitrary web script or HTML via the flag parameter to (1) result_of_get_changed_status.asp or (2) error_page.htm. | 2015-02-04 | 4.3 | CVE-2015-1437 XF XF BID BUGTRAQ BUGTRAQ BUGTRAQ MISC |
banner_effect_header_project — banner_effect_header | Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the banner_effect_divid parameter in the BannerEffectOptions page to wp-admin/options-general.php. | 2015-02-03 | 4.3 | CVE-2015-1384 MISC BUGTRAQ FULLDISC |
blubrry — powerpress_podcasting | Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Podcasting plugin before 6.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a powerpress-editcategoryfeed action in the powerpressadmin_categoryfeeds.php page to wp-admin/admin.php. | 2015-02-02 | 4.3 | CVE-2015-1385 MISC BID BUGTRAQ FULLDISC MISC |
cisco — nx-os | The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182. | 2015-02-03 | 4.9 | CVE-2014-8013 |
cisco — anyconnect_secure_mobility_client | Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149. | 2015-02-03 | 4.3 | CVE-2014-8021 |
cisco — webex_meetings_server | The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079. | 2015-02-01 | 5.0 | CVE-2015-0595 SECTRACK BID SECUNIA |
cisco — webex_meetings_server | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj67163. | 2015-02-01 | 6.8 | CVE-2015-0596 SECTRACK BID SECUNIA |
cisco — webex_meetings_server | The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159. | 2015-02-01 | 5.0 | CVE-2015-0597 SECTRACK BID |
cisco — unified_computing_system | The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a “cross-frame scripting (XFS)” issue, aka Bug ID CSCuf50138. | 2015-02-03 | 4.3 | CVE-2015-0599 |
clamav — clamav | ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an “incorrect compiler optimization.” | 2015-02-03 | 5.0 | CVE-2015-1463 FEDORA FEDORA |
cmsjunkie — j-classifiedsmanager | Cross-site scripting (XSS) vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds. | 2015-02-04 | 4.3 | CVE-2015-1478 EXPLOIT-DB MISC OSVDB |
content_rating_extbase_project — content_rating_extbase | Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-02-03 | 4.3 | CVE-2015-1404 BID MLIST MLIST |
content_rating_project — content_rating | Cross-site scripting (XSS) vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-02-03 | 4.3 | CVE-2015-1402 BID MLIST MLIST |
emc — unisphere_central | Open redirect vulnerability in EMC Unisphere Central before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter. | 2015-02-01 | 5.8 | CVE-2015-0512 SECTRACK BID BUGTRAQ |
fortinet — forticlient | The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences. | 2015-02-02 | 5.0 | CVE-2015-1453 MISC FULLDISC |
fortinet — fortiauthenticator | Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/. | 2015-02-03 | 4.0 | CVE-2015-1456 BID MISC MISC |
fortinet — fortiauthenticator | Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command. | 2015-02-03 | 4.9 | CVE-2015-1457 XF BID MISC MISC |
fortinet — fortiauthenticator | Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the “shell” command. | 2015-02-03 | 6.9 | CVE-2015-1458 XF BID MISC MISC |
fortinet — fortiauthenticator | Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/. | 2015-02-03 | 4.3 | CVE-2015-1459 XF BID MISC MISC |
freebsd — freebsd | Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option. | 2015-02-02 | 4.6 | CVE-2014-8612 SECTRACK BID BUGTRAQ MISC FULLDISC |
geo_mashup_project — geo_mashup | Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key. | 2015-02-02 | 4.3 | CVE-2015-1383 MLIST FULLDISC |
google — chrome | The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 2015-02-06 | 5.0 | CVE-2015-1210 CONFIRM CONFIRM |
hp — sitescope | Unspecified vulnerability in HP SiteScope 11.1x and 11.2x allows remote authenticated users to gain privileges via unknown vectors. | 2015-02-01 | 5.5 | CVE-2014-7882 |
ibm — security_appscan | IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 supports unencrypted sessions, which allows remote attackers to obtain sensitive information by sniffing the network. | 2015-02-01 | 5.0 | CVE-2014-6136 XF |
ibm — integration_bus | The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault. | 2015-02-01 | 5.0 | CVE-2014-6170 XF |
ibm — security_appscan | IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2015-02-01 | 5.8 | CVE-2014-8918 XF |
labtech_software — labtech | Labtech before 100.237 on Linux uses world-writable permissions for root-executed scripts, which allows local users to gain privileges by modifying a script file. | 2015-01-31 | 6.8 | CVE-2015-0926 |
landesk — landesk_management_suite | Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite before 9.6 SP1 allows remote attackers to inject arbitrary web script or HTML via the AMTVersion parameter to remote/serverlist_grouptree.aspx. | 2015-02-03 | 4.3 | CVE-2014-5360 FULLDISC |
libmspack_project — libmspack | Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop. | 2015-02-03 | 5.0 | CVE-2014-9556 CONFIRM MLIST MLIST SECUNIA SUSE |
linux — linux_kernel | Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. | 2015-02-06 | 6.9 | CVE-2014-5332 MISC |
m2_technologies — optimalsite | Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 2015-02-04 | 4.3 | CVE-2014-9562 MISC FULLDISC |
manageengine — supportcenter_plus | Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 before hotfix 7941 allow remote attackers to inject arbitrary web script or HTML via the (1) fromCustomer, (2) username, or (3) password parameter to HomePage.do. | 2015-02-02 | 4.3 | CVE-2015-0866 MISC BID BUGTRAQ |
manageengine — servicedesk_plus | ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to obtain sensitive ticket information via a (1) getTicketData action to servlet/AJaxServlet or a direct request to (2) swf/flashreport.swf, (3) reports/flash/details.jsp, or (4) reports/CreateReportTable.jsp. | 2015-02-04 | 4.0 | CVE-2015-1480 BID BUGTRAQ MISC EXPLOIT-DB MISC OSVDB |
mozilla — bugzilla | Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name. | 2015-02-01 | 6.5 | CVE-2014-8630 |
mylittleforum — mylittleforum | Multiple cross-site scripting (XSS) vulnerabilities in my little forum 2.3.3, 2.2, and 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) category parameter to forum.php or the (3) page or (4) order parameter to (a) board_entry.php or (b) forum_entry.php. | 2015-02-04 | 4.3 | CVE-2015-1475 MISC FULLDISC |
nishishi — fumy_news_clipper | Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-01-31 | 4.3 | CVE-2015-0870 |
owncloud — owncloud | The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the network. | 2015-02-04 | 4.3 | CVE-2014-5341 |
owncloud — owncloud | The import functionality in the bookmarks application in ownCloud server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 does not validate CSRF tokens, which allows remote attackers to conduct CSRF attacks. | 2015-02-04 | 6.8 | CVE-2014-9041 |
owncloud — owncloud | The user_ldap (aka LDAP user and group backend) application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind. | 2015-02-04 | 5.0 | CVE-2014-9043 |
owncloud — owncloud | Asset Pipeline in ownCloud 7.x before 7.0.3 uses an MD5 hash of the absolute file paths of the original CSS and JS files as the name of the concatenated file, which allows remote attackers to obtain sensitive information via a brute force attack. | 2015-02-04 | 5.0 | CVE-2014-9044 |
owncloud — owncloud | The FTP backend in user_external in ownCloud Server before 5.0.18 and 6.x before 6.0.6 allows remote attackers to bypass intended authentication requirements via a crafted password. | 2015-02-04 | 5.0 | CVE-2014-9045 |
owncloud — owncloud | The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol. | 2015-02-04 | 5.0 | CVE-2014-9046 |
owncloud — owncloud | Multiple unspecified vulnerabilities in the preview system in ownCloud 6.x before 6.0.6 and 7.x before 7.0.3 allow remote attackers to read arbitrary files via unknown vectors. | 2015-02-04 | 4.3 | CVE-2014-9047 |
owncloud — owncloud | The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to bypass the password-protection for shared files via the API. | 2015-02-04 | 5.0 | CVE-2014-9048 |
owncloud — owncloud | The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method. | 2015-02-04 | 4.0 | CVE-2014-9049 |
privoxy — privoxy | jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body. | 2015-02-03 | 5.0 | CVE-2015-1380 MLIST MLIST CONFIRM |
privoxy — privoxy | Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors. | 2015-02-03 | 5.0 | CVE-2015-1381 MLIST MLIST DEBIAN SECUNIA CONFIRM CONFIRM |
privoxy — privoxy | parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header. | 2015-02-03 | 5.0 | CVE-2015-1382 MLIST MLIST DEBIAN SECUNIA CONFIRM CONFIRM |
qpr — portal | Multiple cross-site scripting (XSS) vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body field. | 2015-01-31 | 4.3 | CVE-2014-8266 |
qpr — portal | Cross-site scripting (XSS) vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter. | 2015-01-31 | 4.3 | CVE-2014-8267 |
qpr — portal | QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request. | 2015-01-31 | 6.4 | CVE-2014-8268 |
roundcube — webmail | program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute in an email. | 2015-02-03 | 4.3 | CVE-2015-1433 BID MLIST MLIST CONFIRM |
siemens — scalance_x-200_series_firmware | The web server on Siemens SCALANCE X-200IRT switches with firmware before 5.2.0 allows remote attackers to hijack sessions via unspecified vectors. | 2015-02-02 | 6.8 | CVE-2015-1049 |
siemens — ruggedcom_firmware | Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allow context-dependent attackers to discover password hashes by reading (1) files or (2) security logs. | 2015-02-02 | 5.0 | CVE-2015-1357 |
snipsnap — snipsnap | Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search. | 2015-02-03 | 4.3 | CVE-2014-9559 MISC FULLDISC |
symantec — encryption_management_server | The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header. | 2015-01-31 | 5.0 | CVE-2014-7287 BID |
vmware — vsphere_data_protection | VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 does not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate. | 2015-01-31 | 4.3 | CVE-2014-4632 |
web-dorado — photo_gallery | SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php. | 2015-02-02 | 6.5 | CVE-2015-1393 CONFIRM BUGTRAQ |
zohocorp — manageengine_desktop_central | Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an addUser action to STATE_ID/1417736606982/roleMgmt.do. | 2015-02-04 | 6.8 | CVE-2014-9331 BID BUGTRAQ EXPLOIT-DB MISC |
zohocorp — servicedesk_plus | SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter. | 2015-02-04 | 6.5 | CVE-2015-1479 BID MISC EXPLOIT-DB MISC |
Low Vulnerabilities
Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple — mac_os_x | The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID credentials in App Store logs, which allows local users to obtain sensitive information by reading a file. | 2015-01-30 | 2.1 | CVE-2014-4499 |
apple — mac_os_x | LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately upon being woken from sleep, which allows physically proximate attackers to obtain sensitive information by reading the screen. | 2015-01-30 | 2.1 | CVE-2014-8827 XF |
apple — mac_os_x | SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during access to a permission cache, which allows local users to read search results associated with other users’ protected files via a Spotlight query. | 2015-01-30 | 2.1 | CVE-2014-8833 XF |
apple — mac_os_x | UserAccountUpdater in Apple OS X 10.10 before 10.10.2 stores a PDF document’s password in a printing preference file, which allows local users to obtain sensitive information by reading a file. | 2015-01-30 | 2.1 | CVE-2014-8834 |
fortinet — fortios | Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request. | 2015-02-02 | 3.5 | CVE-2015-1451 MISC FULLDISC |
owncloud — owncloud | Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041. | 2015-02-04 | 3.5 | CVE-2014-9042 |
puppetlabs — rabbitmq | puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter. | 2015-02-03 | 2.1 | CVE-2014-9568 |