aftab -- tickfa |
SQL
injection vulnerability in ticket.php in
TickFa 1.x allows remote authenticated users
to execute arbitrary SQL commands via the
tid parameter in a read action. |
2015-06-19 |
6.5 |
CVE-2015-4676
MISC |
airties -- rt-210_firmware |
Multiple
cross-site scripting (XSS) vulnerabilities
in the web interface in Airties RT-210 allow
remote attackers to inject arbitrary web
script or HTML via the (1) ddns_domainame or
(2) ddns_account parameter to ddns.stm. |
2015-06-19 |
4.3 |
CVE-2015-4679
MISC |
alcatel-lucent --
cellpipe_7130_rg_5ae.m2013_hol_firmware |
Cross-site
request forgery (CSRF) vulnerability in
Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013
HOL with firmware 1.0.0.20h.HOL allows
remote attackers to hijack the
authentication of administrators for
requests that create a user account via an
add_user action in a request to
password.cmd. |
2015-06-23 |
6.8 |
CVE-2015-4586
MISC |
apphp -- hotel_site |
SQL
injection vulnerability in ApPHP Hotel Site
3.x.x allows remote editors to execute
arbitrary SQL commands via the pid parameter
to index.php. |
2015-06-22 |
6.5 |
CVE-2015-4713
MISC |
arduino_json_project --
arduino_json |
The
extractFrom function in
Internals/QuotedString.cpp in Arduino JSON
before 4.5 allows remote attackers to cause
a denial of service (crash) via a JSON
string with a \ (backslash) followed by a
terminator, as demonstrated by "\ ", which
triggers a buffer overflow and over-read. |
2015-06-22 |
5.0 |
CVE-2015-4590
CONFIRM
CONFIRM
CONFIRM
BID
MLIST |
async-http-client_project --
async-http-client |
Async
Http Client (aka AHC or async-http-client)
before 1.9.0 skips X.509 certificate
verification unless both a keyStore location
and a trustStore location are explicitly
set, which allows man-in-the-middle
attackers to spoof HTTPS servers by
presenting an arbitrary certificate during
use of a typical AHC configuration, as
demonstrated by a configuration that does
not send client certificates. |
2015-06-24 |
4.3 |
CVE-2013-7397
CONFIRM
MLIST |
async-http-client_project --
async-http-client |
main/java/com/ning/http/client/AsyncHttpClientConfig.java
in Async Http Client (aka AHC or
async-http-client) before 1.9.0 does not
require a hostname match during verification
of X.509 certificates, which allows
man-in-the-middle attackers to spoof HTTPS
servers via an arbitrary valid certificate. |
2015-06-24 |
4.3 |
CVE-2013-7398
CONFIRM
MLIST |
audiosharescript -- audioshare |
Cross-site
scripting (XSS) vulnerability in forgot.php
in AudioShare 2.0.2 allows remote attackers
to inject arbitrary web script or HTML via
the email parameter. |
2015-06-23 |
4.3 |
CVE-2015-4725
MISC |
cisco --
data_center_analytics_framework |
Cross-site
request forgery (CSRF) vulnerability in
Cisco Data Center Analytics Framework (DCAF)
1.4 allows remote attackers to hijack the
authentication of arbitrary users, aka Bug
ID CSCun26807. |
2015-06-23 |
6.8 |
CVE-2015-4189
CISCO |
cisco -- nx-os |
Cisco
NX-OS 5.2(5) on Nexus 7000 devices allows
remote attackers to cause a denial of
service (device crash) by sending a
malformed LLDP packet on the local network,
aka Bug ID CSCud89415. |
2015-06-20 |
6.1 |
CVE-2015-4197
CISCO |
cisco -- web_security_appliance |
Cross-site
scripting (XSS) vulnerability in the web
framework on Cisco Web Security Appliance
(WSA) devices with software 8.5.0-497 allows
remote attackers to inject arbitrary web
script or HTML via an unspecified HTTP
header, aka Bug ID CSCuu24409. |
2015-06-20 |
4.3 |
CVE-2015-4198
CISCO |
cisco --
asr_5000_series_software |
The
Gateway General Packet Radio Service Support
Node (GGSN) component on Cisco ASR 5000
devices with software 17.2.0.59184 and
18.0.L0.59219 allows remote attackers to
cause a denial of service (Session Manager
restart) via an invalid TCP/IP header, aka
Bug ID CSCut68058. |
2015-06-20 |
5.0 |
CVE-2015-4201
CISCO |
cisco -- ios |
Cisco
IOS 12.2SCH on uBR10000 router Cable Modem
Termination Systems (CMTS) does not properly
restrict access to the IP Detail Record
(IPDR) service, which allows remote
attackers to obtain potentially sensitive
MAC address and network-utilization
information via crafted IPDR packets, aka
Bug ID CSCua39203. |
2015-06-20 |
5.0 |
CVE-2015-4202
CISCO |
cisco -- ios |
Race
condition in Cisco IOS 12.2SCH in the
Performance Routing Engine (PRE) module on
uBR10000 devices, when NetFlow and an MPLS
IPv6 VPN are configured, allows remote
attackers to cause a denial of service (PXF
process crash) by sending malformed MPLS
6VPE packets quickly, aka Bug ID CSCud83396. |
2015-06-23 |
5.4 |
CVE-2015-4203
CISCO |
cisco -- cisco_ios |
Memory
leak in Cisco IOS 12.2 in the Performance
Routing Engine (PRE) module on uBR10000
devices allows remote authenticated users to
cause a denial of service (memory
consumption or PXF process crash) by sending
docsIfMCmtsMib SNMP requests quickly, aka
Bug ID CSCue65051. |
2015-06-23 |
6.8 |
CVE-2015-4204
CISCO |
cisco -- ios_xr |
Cisco
IOS XR 5.3.1 on ASR 9000 devices allows
remote attackers to cause a denial of
service (NPU chip reset or line-card reload)
by sending crafted IEEE 802.3x flow-control
PAUSE frames on the local network, aka Bug
ID CSCut19959. |
2015-06-23 |
5.7 |
CVE-2015-4205
CISCO |
cisco -- webex_meeting_center |
Cisco
WebEx Meeting Center places a meeting's
access number in a URL, which allows remote
attackers to obtain sensitive information
and bypass intended attendance restrictions
by visiting a meeting-registration page, aka
Bug ID CSCus62147. |
2015-06-23 |
5.0 |
CVE-2015-4207
CISCO |
cisco -- webex_meeting_center |
Cisco
WebEx Meeting Center does not properly
determine authorization for reading a host
calendar, which allows remote attackers to
obtain sensitive information by obtaining a
list of all meetings and then sending a
calendar request for each one, aka Bug ID
CSCur23913. |
2015-06-23 |
6.4 |
CVE-2015-4209
CISCO |
cisco -- webex_meeting_center |
Cross-site
scripting (XSS) vulnerability in Cisco WebEx
Meeting Center allows remote attackers to
inject arbitrary web script or HTML via a
crafted URL, aka Bug ID CSCur03806. |
2015-06-23 |
4.3 |
CVE-2015-4210
CISCO |
cisco -- webex_meeting_center |
Cisco
WebEx Meeting Center allows remote attackers
to obtain sensitive information via
unspecified vectors, as demonstrated by
discovering credentials, aka Bug ID
CSCut17466. |
2015-06-24 |
5.0 |
CVE-2015-4212
CISCO |
cisco -- nx-os |
Cisco
NX-OS 1.1(1g) on Nexus 9000 devices allows
remote authenticated users to discover
cleartext passwords by leveraging the
existence of a decryption mechanism, aka Bug
ID CSCuu84391. |
2015-06-24 |
4.0 |
CVE-2015-4213
CISCO |
cisco -- unified_meetingplace |
Cisco
Unified MeetingPlace 8.6(1.2) and 8.6(1.9)
allows remote authenticated users to
discover cleartext passwords by reading HTML
source code, aka Bug ID CSCuu33050. |
2015-06-24 |
4.0 |
CVE-2015-4214
CISCO |
cisco --
wireless_lan_controller_software |
Cisco
Wireless LAN Controller (WLC) devices with
software 7.5(102.0) and 7.6(1.62) allow
remote attackers to cause a denial of
service (device crash) by triggering an
exception during attempted forwarding of
unspecified IPv6 packets to a non-IPv6
device, aka Bug ID CSCuj01046. |
2015-06-24 |
6.1 |
CVE-2015-4215
CISCO |
cisco --
content_security_management_virtual_appliance |
The
remote-support feature on Cisco Web Security
Virtual Appliance (WSAv), Email Security
Virtual Appliance (ESAv), and Security
Management Virtual Appliance (SMAv) devices
before 2015-06-25 uses the same default SSH
root authorized key across different
customers' installations, which makes it
easier for remote attackers to bypass
authentication by leveraging knowledge of a
private key from another installation, aka
Bug IDs CSCuu95988, CSCuu95994, and
CSCuu96630. |
2015-06-26 |
5.0 |
CVE-2015-4216
CISCO |
cisco --
content_security_management_virtual_appliance |
The
remote-support feature on Cisco Web Security
Virtual Appliance (WSAv), Email Security
Virtual Appliance (ESAv), and Security
Management Virtual Appliance (SMAv) devices
before 2015-06-25 uses the same default SSH
host keys across different customers'
installations, which makes it easier for
remote attackers to defeat cryptographic
protection mechanisms by leveraging
knowledge of a private key from another
installation, aka Bug IDs CSCus29681,
CSCuu95676, and CSCuu96601. |
2015-06-26 |
4.3 |
CVE-2015-4217
CISCO
CISCO |
cisco -- jabber |
The
web-based user interface in Cisco Jabber
through 9.6(3) and 9.7 through 9.7(5) on
Windows allows remote attackers to obtain
sensitive information via a crafted value in
a GET request, aka Bug IDs CSCuu65622 and
CSCuu70858. |
2015-06-24 |
5.0 |
CVE-2015-4218
CISCO |
cisco --
identity_services_engine_software |
Cisco
Secure Access Control System before
5.4(0.46.2) and 5.5 before 5.5(0.46) and
Cisco Identity Services Engine 1.0(4.573) do
not properly implement access control for
support bundles, which allows remote
authenticated users to obtain sensitive
information via brute-force attempts to send
valid credentials, aka Bug IDs CSCue00833
and CSCub40331. |
2015-06-24 |
4.0 |
CVE-2015-4219
CISCO |
cisco -- unified_presence_server |
Cross-site
scripting (XSS) vulnerability in Cisco
Unified Presence Server 9.1(1) allows remote
attackers to inject arbitrary web script or
HTML via an unspecified value, aka Bug ID
CSCuq03773. |
2015-06-25 |
4.3 |
CVE-2015-4220
CISCO |
cisco --
unified_communications_manager_im_and_presence_service |
Cisco
Unified Communications Manager IM and
Presence Service 9.1(1) does not properly
restrict access to encrypted passwords,
which allows remote attackers to determine
cleartext passwords, and consequently
execute arbitrary commands, by visiting an
unspecified web page and then conducting a
decryption attack, aka Bug ID CSCuq46194. |
2015-06-26 |
4.0 |
CVE-2015-4221
CISCO |
cisco --
unified_communications_manager_im_and_presence_service |
SQL
injection vulnerability in Cisco Unified
Communications Manager IM and Presence
Service 9.1(1) allows remote authenticated
users to execute arbitrary SQL commands via
unspecified vectors, aka Bug ID CSCuq46325. |
2015-06-26 |
6.5 |
CVE-2015-4222
CISCO |
cisco -- ios_xr |
Cisco
IOS XR 5.1.3 allows remote attackers to
cause a denial of service (process reload)
via crafted MPLS Label Distribution Protocol
(LDP) packets, aka Bug ID CSCuu77478. |
2015-06-25 |
5.0 |
CVE-2015-4223
CISCO |
cups -- cups |
Cross-site
scripting (XSS) vulnerability in the
cgi_puts function in cgi-bin/template.c in
the template engine in CUPS before 2.0.3
allows remote attackers to inject arbitrary
web script or HTML via the QUERY parameter
to help/. |
2015-06-26 |
4.3 |
CVE-2015-1159
CERT-VN
CONFIRM
MISC
CONFIRM
CONFIRM
CONFIRM
MISC |
dream-multimedia-tv --
dreambox_dm500-s_firmware |
Cross-site
scripting (XSS) vulnerability in the
DreamBox DM500-S allows remote attackers to
inject arbitrary web script or HTML via the
mode parameter to /body. |
2015-06-22 |
4.3 |
CVE-2015-4714
MISC |
drupal -- drupal |
The
Render cache system in Drupal 7.x before
7.38, when used to cache content by user
role, allows remote authenticated users to
obtain private content viewed by user 1 by
reading the cache. |
2015-06-22 |
4.0 |
CVE-2015-3231
CONFIRM
DEBIAN |
drupal -- drupal |
Open
redirect vulnerability in the Field UI
module in Drupal 7.x before 7.38 allows
remote attackers to redirect users to
arbitrary web sites and conduct phishing
attacks via a URL in the destinations
parameter. |
2015-06-22 |
5.8 |
CVE-2015-3232
CONFIRM
DEBIAN |
drupal -- drupal |
Open
redirect vulnerability in the Overlay module
in Drupal 7.x before 7.38 allows remote
attackers to redirect users to arbitrary web
sites and conduct phishing attacks via
unspecified vectors. |
2015-06-22 |
5.8 |
CVE-2015-3233
CONFIRM
DEBIAN |
drupal -- drupal |
The
OpenID module in Drupal 6.x before 6.36 and
7.x before 7.38 allows remote attackers to
log into other users' accounts by leveraging
an OpenID identity from certain providers,
as demonstrated by the Verisign,
LiveJournal, and StackExchange providers. |
2015-06-22 |
4.3 |
CVE-2015-3234
CONFIRM
DEBIAN |
emc -- rsa_validation_manager |
Multiple
cross-site scripting (XSS) vulnerabilities
in EMC RSA Validation Manager (RVM) 3.2
before build 201 allow remote attackers to
inject arbitrary web script or HTML via the
(1) displayMode or (2) wrapPreDisplayMode
parameter. |
2015-06-22 |
4.3 |
CVE-2015-0526
BUGTRAQ |
fiverrscript -- fiverrscript |
Cross-site
request forgery (CSRF) vulnerability in
FiverrScript (aka Fiverr Script) 7.2 allows
remote attackers to hijack the
authentication of administrators for
requests that create a new admin via a
request to administrator/admins_create.php. |
2015-06-19 |
6.8 |
CVE-2015-4677
EXPLOIT-DB |
google -- chrome |
content/browser/webui/content_web_ui_controller_factory.cc
in Google Chrome before 43.0.2357.130 does
not properly consider the scheme in
determining whether a URL is associated with
a WebUI SiteInstance, which allows remote
attackers to bypass intended access
restrictions via a similar URL, as
demonstrated by use of http://gpu when there
is a WebUI class for handling chrome://gpu
requests. |
2015-06-26 |
5.0 |
CVE-2015-1266
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
Blink,
as used in Google Chrome before
43.0.2357.130, does not properly restrict
the creation context during creation of a
DOM wrapper, which allows remote attackers
to bypass the Same Origin Policy via crafted
JavaScript code that uses a Blink public
API, related to WebArrayBufferConverter.cpp,
WebBlob.cpp, WebDOMError.cpp, and
WebDOMFileSystem.cpp. |
2015-06-26 |
5.0 |
CVE-2015-1267
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
bindings/scripts/v8_types.py
in Blink, as used in Google Chrome before
43.0.2357.130, does not properly select a
creation context for a return value's DOM
wrapper, which allows remote attackers to
bypass the Same Origin Policy via crafted
JavaScript code, as demonstrated by use of a
data: URL. |
2015-06-26 |
5.0 |
CVE-2015-1268
CONFIRM
CONFIRM
CONFIRM |
google -- chrome |
The
DecodeHSTSPreloadRaw function in
net/http/transport_security_state.cc in
Google Chrome before 43.0.2357.130 does not
properly canonicalize DNS hostnames before
making comparisons to HSTS or HPKP preload
entries, which allows remote attackers to
bypass intended access restrictions via a
string that (1) ends in a . (dot) character
or (2) is not entirely lowercase. |
2015-06-26 |
4.3 |
CVE-2015-1269
CONFIRM
CONFIRM
CONFIRM |
haxx -- curl |
cURL
and libcurl 7.40.0 through 7.42.1 sends the
HTTP Basic authentication credentials for a
previous connection when reusing a reset
(curl_easy_reset) connection handle to send
a request to the same host name, which
allows remote attackers to obtain sensitive
information via unspecified vectors. |
2015-06-22 |
5.0 |
CVE-2015-3236
CONFIRM |
haxx -- curl |
The
smb_request_state function in cURL and
libcurl 7.40.0 through 7.42.1 allows remote
SMB servers to obtain sensitive information
from memory or cause a denial of service
(out-of-bounds read and crash) via crafted
length and offset values. |
2015-06-22 |
6.4 |
CVE-2015-3237
CONFIRM |
mcafee -- epolicy_orchestrator |
Intel
McAfee ePolicy Orchestrator (ePO) 4.x
through 4.6.9 and 5.x through 5.1.2 does not
validate server names and Certification
Authority names in X.509 certificates from
SSL servers, which allows man-in-the-middle
attackers to spoof servers and obtain
sensitive information via a crafted
certificate. |
2015-06-23 |
5.8 |
CVE-2015-2859
CERT-VN
CONFIRM
CONFIRM |
metalgenix -- genixcms |
Multiple
cross-site scripting (XSS) vulnerabilities
in the MetalGenix GeniXCMS 0.0.3 allow
remote attackers to inject arbitrary web
script or HTML via the (1) content or (2)
title field in an add action in the posts
page to index.php or the (3) q parameter in
the posts page to index.php. |
2015-06-24 |
4.3 |
CVE-2015-5066
BUGTRAQ
MISC
MISC |
mysql-lite-administrator_project
-- mysql-lite-administrator |
Multiple
cross-site scripting (XSS) vulnerabilities
in MySql Lite Administrator
(mysql-lite-administrator) beta-1 allow
remote attackers to inject arbitrary web
script or HTML via the table_name parameter
to (1) tabella.php, (2) coloni.php, or (3)
insert.php or (4) num_row parameter to
coloni.php. |
2015-06-24 |
4.3 |
CVE-2015-5064
BUGTRAQ
MISC |
nextend -- facebook_connect |
Cross-site
scripting (XSS) vulnerability in the
new_fb_sign_button function in
nextend-facebook-connect.php in Nextend
Facebook Connect plugin before 1.5.6 for
WordPress allows remote attackers to inject
arbitrary web script or HTML via the
redirect_to parameter. |
2015-06-24 |
4.3 |
CVE-2015-4413
CONFIRM
CONFIRM
FULLDISC |
openstack -- icehouse |
OpenStack
Cinder before 2014.1.5 (icehouse), 2014.2.x
before 2014.2.4 (juno), and 2015.1.x before
2015.1.1 (kilo) allows remote authenticated
users to read arbitrary files via a crafted
qcow2 signature in an image to the
upload-to-image command. |
2015-06-25 |
6.8 |
CVE-2015-1851
CONFIRM
MLIST
MLIST
MLIST
DEBIAN
MLIST |
paypal_currency_converter_basic_for_woocommerce_project
--
paypal_currency_converter_basic_for_woocommerce |
Absolute
path traversal vulnerability in proxy.php in
the google currency lookup in the Paypal
Currency Converter Basic For WooCommerce
plugin before 1.4 for WordPress allows
remote attackers to read arbitrary files via
a full pathname in the requrl parameter. |
2015-06-24 |
5.0 |
CVE-2015-5065
CONFIRM
EXPLOIT-DB
CONFIRM
MISC |
pearson -- proctorcache |
Pearson
ProctorCache before 2015.1.17 uses the same
hardcoded password across different
customers' installations, which allows
remote attackers to modify test metadata or
cause a denial of service (test disruption)
by leveraging knowledge of this password. |
2015-06-23 |
5.0 |
CVE-2015-0972
CERT-VN |
ruby-lang -- ruby |
RubyGems
2.0.x before 2.0.16, 2.2.x before 2.2.4, and
2.4.x before 2.4.7 does not validate the
hostname when fetching gems or making API
request, which allows remote attackers to
redirect requests to arbitrary domains via a
crafted DNS SRV record, aka a "DNS hijack
attack." |
2015-06-24 |
5.0 |
CVE-2015-3900
CONFIRM |
sap -- netweaver |
The
(1) Cross-System Tools and (2) Data Transfer
Workbench in SAP NetWeaver have hardcoded
credentials, which allows remote attackers
to obtain access via unspecified vectors,
aka SAP Security Note 2059659 and 2057982. |
2015-06-24 |
5.0 |
CVE-2015-5067
MISC
MISC |
sensiolabs -- symfony |
Eval
injection vulnerability in the HttpCache
class in HttpKernel in Symfony 2.x before
2.3.27, 2.4.x and 2.5.x before 2.5.11, and
2.6.x before 2.6.6 allows remote attackers
to execute arbitrary PHP code via a
language="php" attribute of a SCRIPT
element. |
2015-06-24 |
6.8 |
CVE-2015-2308
CONFIRM
JVNDB
JVN |
silverstripe -- silverstripe |
Open
redirect vulnerability in SilverStripe CMS
& Framework 3.1.13 allows remote
attackers to redirect users to arbitrary web
sites and conduct phishing attacks via a URL
in the returnURL parameter to dev/build. |
2015-06-24 |
5.8 |
CVE-2015-5062
BUGTRAQ
MISC |
silverstripe -- silverstripe |
Multiple
cross-site scripting (XSS) vulnerabilities
in SilverStripe CMS & Framework 3.1.13
allow remote attackers to inject arbitrary
web script or HTML via the (1)
admin_username or (2) admin_password
parameter to install.php. |
2015-06-24 |
4.3 |
CVE-2015-5063
BUGTRAQ
MISC |
swiftkey -- swiftkey_sdk |
Directory
traversal vulnerability in the SwiftKey
language-pack update implementation on
Samsung Galaxy S4, S4 Mini, S5, and S6
devices allows remote web servers to write
to arbitrary files, and consequently execute
arbitrary code in a privileged context, by
leveraging control of the skslm.swiftkey.net
domain name and providing a .. (dot dot) in
an entry in a ZIP archive, as demonstrated
by a traversal to the /data/dalvik-cache
directory. |
2015-06-19 |
6.4 |
CVE-2015-4641
CERT-VN
MISC
MISC
MISC
MISC |
toshiba -- chec |
CreateBossCredentials.jar
in Toshiba CHEC before 6.6 build 4014 and
6.7 before build 4329 contains a hardcoded
AES key, which allows attackers to discover
Back Office System Server (BOSS) DB2
database credentials by leveraging knowledge
of this key in conjunction with bossinfo.pro
read access. |
2015-06-24 |
5.0 |
CVE-2014-4875
CONFIRM
CERT-VN |
zohocorp --
manageengine_assetexplorer |
Cross-site
scripting (XSS) vulnerability in Zoho
ManageEngine AssetExplorer 6.1 service pack
6112 allows remote attackers to inject
arbitrary web script or HTML via a Publisher
registry entry, which is not properly
handled when the machine is scanned. |
2015-06-24 |
4.3 |
CVE-2015-2169
MISC
FULLDISC |