Original release date: September 28, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0
-
Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9
-
Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
3s-smart — codesys_gateway_server | Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.47 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. | 2015-09-18 | 7.5 | CVE-2015-6460 MISC MISC MISC |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579. | 2015-09-22 | 10.0 | CVE-2015-5567 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. | 2015-09-22 | 10.0 | CVE-2015-5568 CONFIRM |
adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. | 2015-09-22 | 10.0 | CVE-2015-5570 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified “type confusion.” | 2015-09-22 | 10.0 | CVE-2015-5573 CONFIRM |
adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. | 2015-09-22 | 10.0 | CVE-2015-5574 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5575 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5577 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5578 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5567. | 2015-09-22 | 10.0 | CVE-2015-5579 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5580 CONFIRM |
adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5584, and CVE-2015-6682. | 2015-09-22 | 10.0 | CVE-2015-5581 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5588, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5582 CONFIRM |
adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-6682. | 2015-09-22 | 10.0 | CVE-2015-5584 CONFIRM |
adobe — air | Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors. | 2015-09-22 | 10.0 | CVE-2015-5587 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-6677. | 2015-09-22 | 10.0 | CVE-2015-5588 CONFIRM |
adobe — air | Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6678. | 2015-09-22 | 10.0 | CVE-2015-6676 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588. | 2015-09-22 | 10.0 | CVE-2015-6677 CONFIRM |
adobe — air | Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676. | 2015-09-22 | 10.0 | CVE-2015-6678 CONFIRM |
adobe — air | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584. | 2015-09-22 | 10.0 | CVE-2015-6682 CONFIRM |
apple — mac_os_x_server | Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 allow attackers to have an unknown impact via an XML document. | 2015-09-18 | 10.0 | CVE-2015-5911 CONFIRM APPLE |
avira — management_console | Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header. | 2015-09-21 | 10.0 | CVE-2015-7303 MISC |
boxoft — boxoft_wav_to_mp3_converter | Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file. | 2015-09-18 | 7.5 | CVE-2015-7243 EXPLOIT-DB MISC |
cisco — prime_collaboration_assurance | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652. | 2015-09-19 | 9.0 | CVE-2015-4304 CISCO |
cisco — prime_collaboration_assurance | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334. | 2015-09-19 | 8.5 | CVE-2015-4306 CISCO |
cisco — prime_collaboration_provisioning | The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111. | 2015-09-19 | 9.0 | CVE-2015-4307 CISCO |
cisco — telepresence_server_software | Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277. | 2015-09-20 | 7.8 | CVE-2015-6284 CISCO |
cisco — prime_network_registrar | Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825. | 2015-09-18 | 7.2 | CVE-2015-6296 CISCO |
ge — mds_pulsenet | GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of the password. | 2015-09-18 | 9.0 | CVE-2015-6456 MISC MISC CONFIRM |
ge — mds_pulsenet | Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname. | 2015-09-18 | 10.0 | CVE-2015-6459 MISC MISC CONFIRM |
mozilla — firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-4500 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
mozilla — firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-4501 CONFIRM CONFIRM CONFIRM |
mozilla — firefox | Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176. | 2015-09-24 | 7.5 | CVE-2015-4509 CONFIRM CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs. | 2015-09-24 | 9.3 | CVE-2015-4516 CONFIRM CONFIRM |
mozilla — firefox | NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-4517 CONFIRM CONFIRM |
mozilla — firefox | The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-4521 CONFIRM CONFIRM |
mozilla — firefox | The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an “overflow.” | 2015-09-24 | 7.5 | CVE-2015-4522 CONFIRM CONFIRM |
mozilla — firefox | The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an “overflow.” | 2015-09-24 | 7.5 | CVE-2015-7174 CONFIRM CONFIRM |
mozilla — firefox | The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an “overflow.” | 2015-09-24 | 7.5 | CVE-2015-7175 CONFIRM CONFIRM |
mozilla — firefox | The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-7176 CONFIRM CONFIRM |
mozilla — firefox | The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-7177 CONFIRM CONFIRM |
mozilla — firefox | The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content. | 2015-09-24 | 7.5 | CVE-2015-7178 CONFIRM CONFIRM |
mozilla — firefox | The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content. | 2015-09-24 | 7.5 | CVE-2015-7179 CONFIRM CONFIRM |
mozilla — firefox | The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. | 2015-09-24 | 7.5 | CVE-2015-7180 CONFIRM CONFIRM |
philippine_long_distance_telephone — kasda_kw58293_firmware | Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service (device outage) via a long ipaddr parameter. | 2015-09-21 | 7.8 | CVE-2015-5993 CERT-VN |
sap — netweaver_j2ee_engine | SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2015-09-18 | 7.5 | CVE-2015-7239 MISC |
securifi — almond-2015_firmware | Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote attackers to obtain web-management access by leveraging the ability to authenticate from the intranet. | 2015-09-21 | 7.3 | CVE-2015-2915 CERT-VN |
sqlite — sqlite | Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors. | 2015-09-18 | 10.0 | CVE-2015-5895 CONFIRM APPLE |
symantec — web_gateway | The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a “redirect.” | 2015-09-20 | 8.5 | CVE-2015-5690 MISC CONFIRM BID |
symantec — web_gateway | admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration to make this a setuid-root file. | 2015-09-20 | 7.9 | CVE-2015-5692 MISC CONFIRM BID |
symantec — web_gateway | The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to “traffic capture.” | 2015-09-20 | 7.9 | CVE-2015-5693 MISC CONFIRM BID |
symantec — web_gateway | The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors. | 2015-09-20 | 8.3 | CVE-2015-6547 CONFIRM BID |
vboxcomm — satellite_express_protocol | The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call. | 2015-09-21 | 7.2 | CVE-2015-6923 MISC EXPLOIT-DB BUGTRAQ FULLDISC |
Medium Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a callback API. NOTE: this issue exists because of an incomplete fix for CVE-2014-4671 and CVE-2014-5333. | 2015-09-22 | 4.3 | CVE-2015-5571 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | 2015-09-22 | 5.0 | CVE-2015-5572 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. | 2015-09-22 | 5.0 | CVE-2015-5576 CONFIRM |
adobe — air | Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | 2015-09-22 | 5.0 | CVE-2015-6679 CONFIRM |
apple — iphone_os | The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. | 2015-09-18 | 6.9 | CVE-2014-8611 FREEBSD CONFIRM CONFIRM APPLE |
apple — iphone_os | The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors. | 2015-09-18 | 5.0 | CVE-2015-3801 CONFIRM APPLE |
apple — xcode | IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery. | 2015-09-18 | 5.0 | CVE-2015-5909 APPLE CONFIRM |
apple — itunes | The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors. | 2015-09-18 | 4.3 | CVE-2015-5920 CONFIRM APPLE |
atlassian — hipchat | The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to “Velocity Template Injection Vulnerability.” | 2015-09-21 | 6.5 | CVE-2015-5603 CONFIRM BUGTRAQ MISC |
bolt — bolt | The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it. | 2015-09-22 | 6.5 | CVE-2015-7309 CONFIRM EXPLOIT-DB MISC FULLDISC MISC MISC |
cisco — prime_collaboration_assurance | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656. | 2015-09-19 | 4.0 | CVE-2015-4305 CISCO CISCO |
cisco — ios | Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. | 2015-09-18 | 6.1 | CVE-2015-6294 CISCO |
cisco — nx-os | Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560. | 2015-09-20 | 4.8 | CVE-2015-6295 CISCO |
cisco — ios_xr | The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525. | 2015-09-18 | 5.0 | CVE-2015-6297 CISCO |
cisco — unity_connection | SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824. | 2015-09-20 | 6.5 | CVE-2015-6299 CISCO |
cisco — secure_access_control_server | Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694. | 2015-09-20 | 4.0 | CVE-2015-6300 CISCO |
cisco — asr_9001 | The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171. | 2015-09-20 | 5.0 | CVE-2015-6301 CISCO |
cisco — spark | The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and CSCut36844. | 2015-09-24 | 4.3 | CVE-2015-6303 CISCO |
cisco — telepresence_server_software | Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Server software 3.0(2.24) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCut63718, CSCut63724, and CSCut63760. | 2015-09-24 | 6.8 | CVE-2015-6304 CISCO |
dena — h20 | Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL. | 2015-09-20 | 4.3 | CVE-2015-5638 CONFIRM JVNDB JVN |
drupaldise — cms_updater | The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the “access administration pages” permission. | 2015-09-21 | 4.9 | CVE-2015-7306 MISC CONFIRM |
drupaldise — cms_updater | Cross-site scripting (XSS) vulnerability in the CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the configuration page. | 2015-09-21 | 4.3 | CVE-2015-7307 MISC CONFIRM |
f5 — big-ip_advanced_firewall_manager | The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet. | 2015-09-18 | 5.0 | CVE-2015-4638 CONFIRM SECTRACK |
ipython — notebook | Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate. | 2015-09-21 | 4.3 | CVE-2015-6938 CONFIRM CONFIRM CONFIRM CONFIRM MLIST MLIST FEDORA FEDORA |
joomla — joomla! | Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2015-09-18 | 4.3 | CVE-2015-6939 SECTRACK CONFIRM |
mcafee — mcafee_agent | Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. | 2015-09-18 | 5.0 | CVE-2015-7237 CONFIRM SECTRACK |
mcafee — enterprise_security_manager | McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file. | 2015-09-22 | 6.5 | CVE-2015-7310 CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute. | 2015-09-24 | 4.3 | CVE-2015-4476 CONFIRM CONFIRM |
mozilla — firefox | js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site. | 2015-09-24 | 4.3 | CVE-2015-4502 CONFIRM CONFIRM CONFIRM |
mozilla — firefox | The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application. | 2015-09-24 | 5.0 | CVE-2015-4503 CONFIRM CONFIRM |
mozilla — firefox | The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image. | 2015-09-24 | 6.4 | CVE-2015-4504 CONFIRM CONFIRM |
mozilla — firefox | updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service. | 2015-09-24 | 6.6 | CVE-2015-4505 CONFIRM CONFIRM |
mozilla — firefox | Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file. | 2015-09-24 | 6.8 | CVE-2015-4506 CONFIRM CONFIRM |
mozilla — firefox | The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site. | 2015-09-24 | 5.1 | CVE-2015-4507 CONFIRM CONFIRM |
mozilla — firefox | Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation. | 2015-09-24 | 6.8 | CVE-2015-4510 CONFIRM CONFIRM |
mozilla — firefox | Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video. | 2015-09-24 | 6.8 | CVE-2015-4511 CONFIRM CONFIRM |
mozilla — firefox | gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering. | 2015-09-24 | 6.4 | CVE-2015-4512 CONFIRM CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect’s target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element. | 2015-09-24 | 4.3 | CVE-2015-4519 CONFIRM CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header. | 2015-09-24 | 6.4 | CVE-2015-4520 CONFIRM CONFIRM CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sensitive information, via crafted JavaScript code that makes performance.now calls. | 2015-09-24 | 4.3 | CVE-2015-7327 CONFIRM CONFIRM CONFIRM MISC |
newphoria_corporation — applican | The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5632 JVNDB JVN CONFIRM |
newphoria_corporation — auction_camera | The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5633 JVNDB JVN CONFIRM |
newphoria_corporation — megaphone_music | The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5634 JVNDB JVN CONFIRM |
newphoria_corporation — koritore | The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5635 JVNDB JVN CONFIRM |
newphoria_corporation — reversi | The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5636 JVNDB JVN CONFIRM |
newphoria_corporation — 1.1 | The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors. | 2015-09-20 | 6.8 | CVE-2015-5637 JVNDB JVN CONFIRM |
ows — scald | The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a “debug context.” | 2015-09-21 | 5.0 | CVE-2015-7305 MISC CONFIRM |
pentaho — business_analytics | The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x, 4.8.x, and 5.0.x through 5.2.x and Pentaho Data Integration (PDI) Suite 4.3.x, 4.4.x, and 5.0.x through 5.2.x does not restrict access to files in the pentaho-solutions/system folder, which allows remote attackers to obtain passwords and other sensitive information via a file name in the resource parameter. | 2015-09-22 | 5.0 | CVE-2015-6940 CONFIRM BUGTRAQ MISC |
philippine_long_distance_telephone — kasda_kw58293_firmware | Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to hijack the authentication of administrators for requests that perform setup operations, as demonstrated by modifying network settings. | 2015-09-21 | 6.8 | CVE-2015-5991 CERT-VN |
philippine_long_distance_telephone — kasda_kw58293_firmware | Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to inject arbitrary web script or HTML via the ssid parameter. | 2015-09-21 | 4.3 | CVE-2015-5992 CERT-VN |
redhat — openshift | rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker. | 2015-09-18 | 6.5 | CVE-2015-5274 REDHAT |
retrospect — retrospect | Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attackers to bypass authentication and obtain access to backup files by leveraging a collision. | 2015-09-21 | 5.0 | CVE-2015-2864 CERT-VN CONFIRM MISC |
schneider_electric — struxureware_building_expert_mpm | Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the client-server data stream, which allows remote attackers to discover credentials by sniffing the network. | 2015-09-18 | 5.0 | CVE-2015-3962 MISC CONFIRM |
securifi — almond-2015_firmware | Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf of any device, which makes it easier for remote attackers to spoof responses by using this number for the destination port, a different vulnerability than CVE-2015-7296. | 2015-09-21 | 5.0 | CVE-2015-2914 CERT-VN |
securifi — almond-2015_firmware | Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote attackers to hijack the authentication of arbitrary users. | 2015-09-21 | 6.8 | CVE-2015-2916 CERT-VN |
securifi — almond-2015_firmware | Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site that contains a (1) FRAME, (2) IFRAME, or (3) OBJECT element. | 2015-09-21 | 4.3 | CVE-2015-2917 CERT-VN |
securifi — almond-2015_firmware | Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS query performed on behalf of the device itself, which makes it easier for remote attackers to spoof responses by including this ID value, as demonstrated by a response containing the address of the firmware update server, a different vulnerability than CVE-2015-2914. | 2015-09-21 | 4.3 | CVE-2015-7296 CERT-VN |
sumome — google_analyticator | Multiple cross-site scripting (XSS) vulnerabilities in the Google Analyticator plugin before 6.4.9.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) ga_adsense, (2) ga_admin_disable_DimentionIndex, (3) ga_downloads_prefix, (4) ga_downloads, or (5) ga_outbound_prefix parameter in the google-analyticator page to wp-admin/admin.php. | 2015-09-21 | 4.3 | CVE-2015-6238 CONFIRM MISC MISC |
symantec — endpoint_protection | Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 2015-09-20 | 4.4 | CVE-2014-9227 CONFIRM BID |
symantec — endpoint_protection | sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition. | 2015-09-20 | 4.9 | CVE-2014-9228 CONFIRM BID |
symantec — endpoint_protection | Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role. | 2015-09-20 | 6.5 | CVE-2014-9229 CONFIRM BID |
symantec — deployment_solution | ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image. | 2015-09-20 | 6.8 | CVE-2015-5689 MISC CONFIRM BID |
symantec — web_gateway | Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php. | 2015-09-20 | 4.3 | CVE-2015-5691 MISC CONFIRM BID |
symantec — web_gateway | Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 2015-09-20 | 5.8 | CVE-2015-6548 CONFIRM BID |
vmware — vcenter_server | VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2015-09-18 | 5.8 | CVE-2015-6932 CONFIRM |
xiph — vorbis-tools | Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file. | 2015-09-21 | 4.3 | CVE-2015-6749 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM MLIST MLIST FEDORA FEDORA |
Low Vulnerabilities
Primary Vendor — Product |
Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apple — iphone_os | CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID. | 2015-09-18 | 2.1 | CVE-2015-5898 CONFIRM APPLE |
apple — xcode | IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network. | 2015-09-18 | 3.3 | CVE-2015-5910 APPLE CONFIRM |
drupaljedi — amocrm | Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data. | 2015-09-21 | 2.6 | CVE-2015-7304 MISC CONFIRM |
mcafee — threat_intelligence_exchange | The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files. | 2015-09-18 | 2.1 | CVE-2015-7238 CONFIRM |
mozilla — firefox | Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site. | 2015-09-24 | 2.6 | CVE-2015-4508 CONFIRM CONFIRM |
This product is provided subject to this Notification and this Privacy & Use policy.