adobe -- coldfusion |
Adobe
BlazeDS, as used in ColdFusion 10 before
Update 18 and 11 before Update 7 and
LiveCycle Data Services 3.0.x before
3.0.0.354175, 3.1.x before 3.1.0.354180,
4.5.x before 4.5.1.354177, 4.6.2.x before
4.6.2.354178, and 4.7.x before 4.7.0.354178,
allows remote attackers to send HTTP traffic
to intranet servers via a crafted XML
document, related to a Server-Side Request
Forgery (SSRF) issue. |
2015-11-18 |
4.3 |
CVE-2015-5255
CONFIRM
CONFIRM |
adobe -- coldfusion |
Cross-site
scripting (XSS) vulnerability in Adobe
ColdFusion 10 before Update 18 and 11 before
Update 7 allows remote attackers to inject
arbitrary web script or HTML via unspecified
vectors, a different vulnerability than
CVE-2015-8053. |
2015-11-18 |
4.3 |
CVE-2015-8052
CONFIRM |
adobe -- coldfusion |
Cross-site
scripting (XSS) vulnerability in Adobe
ColdFusion 10 before Update 18 and 11 before
Update 7 allows remote attackers to inject
arbitrary web script or HTML via unspecified
vectors, a different vulnerability than
CVE-2015-8052. |
2015-11-18 |
4.3 |
CVE-2015-8053
CONFIRM |
apache -- cxf |
The
SAML Web SSO module in Apache CXF before
2.7.18, 3.0.x before 3.0.7, and 3.1.x before
3.1.3 allows remote authenticated users to
bypass authentication via a crafted SAML
response with a valid signed assertion,
related to a "wrapping attack." |
2015-11-18 |
4.0 |
CVE-2015-5253
CONFIRM
SECTRACK
MLIST
CONFIRM |
atutor -- atutor |
Unrestricted
file upload vulnerability in
mods/_core/properties/lib/course.inc.php in
ATutor before 2.2 patch 6 allows remote
authenticated users to execute arbitrary PHP
code by uploading a file with a PHP
extension as a customicon for a new course,
then accessing it via a direct request to
the file in content/. |
2015-11-16 |
6.5 |
CVE-2014-9752
BUGTRAQ
CONFIRM
FULLDISC
MISC
MISC |
atutor -- atutor |
Multiple
eval injection vulnerabilities in
mods/_standard/gradebook/edit_marks.php in
ATutor 2.2 and earlier allow remote
authenticated users with the
AT_PRIV_GRADEBOOK privilege to execute
arbitrary PHP code via the (1) asc or (2)
desc parameter. |
2015-11-16 |
6.5 |
CVE-2015-7712
BUGTRAQ
FULLDISC
MISC
MISC |
bastian_allgeier -- kirby |
Unrestricted
file upload vulnerability in the Panel
component in Bastian Allgeier Kirby before
2.1.2 allows remote authenticated users to
execute arbitrary PHP code by uploading a
file that lacks an extension, and then
renaming this file to have a .php extension. |
2015-11-19 |
6.5 |
CVE-2015-7773
CONFIRM
JVNDB
JVN |
blackberry -- enterprise_server |
The
Management Console in BlackBerry Enterprise
Server (BES) 12 before 12.2 does not
properly restrict use of FRAME elements,
which makes it easier for remote attackers
to conduct clickjacking attacks via a
crafted web site, related to a "cross frame
scripting" issue. |
2015-11-19 |
4.3 |
CVE-2015-4112
CONFIRM |
canonical -- ubuntu_linux |
The
lxd-unix.socket systemd unit file in the
Ubuntu lxd package before 0.20-0ubuntu4.1
uses world-readable permissions for
/var/lib/lxd/unix.socket, which allows local
users to gain privileges via unspecified
vectors. |
2015-11-17 |
4.6 |
CVE-2015-8222
UBUNTU
CONFIRM
CONFIRM |
cisco --
prime_collaboration_assurance |
Cross-site
request forgery (CSRF) vulnerability in
Cisco Prime Collaboration Assurance 10.5(1)
and 10.6 allows remote attackers to hijack
the authentication of arbitrary users, aka
Bug ID CSCus62712. |
2015-11-18 |
6.8 |
CVE-2015-6330
CISCO |
cisco --
firesight_system_software |
The
rule-update feature in Cisco FireSIGHT
Management Center (MC) 5.2 through 5.4.0.1
does not verify the X.509 certificate of the
support.sourcefire.com SSL server, which
allows man-in-the-middle attackers to spoof
this server and provide an invalid package,
and consequently execute arbitrary code, via
a crafted certificate, aka Bug ID
CSCuw06444. |
2015-11-18 |
6.8 |
CVE-2015-6357
CISCO |
cisco --
videoscape_distribution_suite_service_manager |
Cisco
Content Delivery System Manager Software 3.2
on Videoscape Distribution Suite Service
Manager allows remote attackers to obtain
sensitive information via crafted URLs in
REST API requests, aka Bug ID CSCuv86960. |
2015-11-13 |
5.0 |
CVE-2015-6364
CISCO |
cisco -- ios |
Cisco
IOS 15.2(04)M and 15.4(03)M lets
physical-interface ACLs supersede virtual
PPP interface ACLs, which allows remote
authenticated users to bypass intended
network-traffic restrictions in
opportunistic circumstances by using PPP,
aka Bug ID CSCur61303. |
2015-11-13 |
4.0 |
CVE-2015-6365
CISCO |
cisco --
firepower_extensible_operating_system |
Cisco
Firepower Extensible Operating System
1.1(1.160) on Firepower 9000 devices allows
remote attackers to read files via a crafted
HTTP request, aka Bug ID CSCux10608. |
2015-11-18 |
5.0 |
CVE-2015-6368
CISCO |
cisco --
firepower_extensible_operating_system |
The
USB driver in Cisco Firepower Extensible
Operating System 1.1(1.160) on Firepower
9000 devices allows physically proximate
attackers to cause a denial of service via a
crafted USB device that triggers invalid USB
commands, aka Bug ID CSCux10531. |
2015-11-18 |
4.9 |
CVE-2015-6369
CISCO |
cisco --
firepower_extensible_operating_system |
Cisco
Firepower Extensible Operating System
1.1(1.160) on Firepower 9000 devices allows
remote authenticated users to read arbitrary
files via crafted parameters to unspecified
scripts, aka Bug ID CSCux10621. |
2015-11-18 |
4.0 |
CVE-2015-6371
CISCO |
cisco --
firepower_extensible_operating_system |
Cross-site
scripting (XSS) vulnerability in the
web-based management interface in Cisco
Firepower Extensible Operating System
1.1(1.160) on Firepower 9000 devices allows
remote attackers to inject arbitrary web
script or HTML via a crafted value, aka Bug
ID CSCux10614. |
2015-11-18 |
4.3 |
CVE-2015-6372
CISCO |
cisco --
firepower_extensible_operating_system |
Cross-site
request forgery (CSRF) vulnerability in
Cisco Firepower Extensible Operating System
1.1(1.160) on Firepower 9000 devices allows
remote attackers to hijack the
authentication of arbitrary users, aka Bug
ID CSCux10611. |
2015-11-18 |
6.8 |
CVE-2015-6373
CISCO |
cisco --
firepower_extensible_operating_system |
The
web interface in Cisco Firepower Extensible
Operating System 1.1(1.160) on Firepower
9000 devices does not properly restrict use
of IFRAME elements, which makes it easier
for remote attackers to conduct clickjacking
attacks and unspecified other attacks via a
crafted web site, aka Bug ID CSCux10604. |
2015-11-18 |
4.3 |
CVE-2015-6374
CISCO |
citrix --
netscaler_application_delivery_controller_firmware |
The
Nitro API in Citrix NetScaler Application
Delivery Controller (ADC) and NetScaler
Gateway before 10.1 Build 133.9, 10.5 before
Build 58.11, and 10.5.e before Build
56.1505.e on NetScaler Service Delivery
Appliance Service VM (SVM) devices allow
attackers to obtain credentials via the
browser cache. |
2015-11-17 |
5.0 |
CVE-2015-7996
CONFIRM |
citrix --
netscaler_application_delivery_controller_firmware |
Multiple
cross-site scripting (XSS) vulnerabilities
in the Nitro API in Citrix NetScaler
Application Delivery Controller (ADC) and
NetScaler Gateway before 10.1 Build 133.9,
10.5 before Build 58.11, and 10.5.e before
Build 56.1505.e on NetScaler Service
Delivery Appliance Service VM (SVM) devices
allow remote attackers to inject arbitrary
web script or HTML via unspecified vectors. |
2015-11-17 |
4.3 |
CVE-2015-7997
CONFIRM |
citrix --
netscaler_application_delivery_controller_firmware |
The
administration UI in Citrix NetScaler
Application Delivery Controller (ADC) and
NetScaler Gateway before 10.1 Build 133.9,
10.5 before Build 58.11, and 10.5.e before
Build 56.1505.e on NetScaler Service
Delivery Appliance Service VM (SVM) devices
allows attackers to obtain sensitive
information via unspecified vectors. |
2015-11-17 |
5.0 |
CVE-2015-7998
CONFIRM |
d-link -- dir-816l_firmware |
Multiple
cross-site request forgery (CSRF)
vulnerabilities in the D-Link DIR-816L
Wireless Router with firmware before
2.06.B09_BETA allow remote attackers to
hijack the authentication of administrators
for requests that (1) change the admin
password, (2) change the network policy, or
(3) possibly have other unspecified impact
via crafted requests to hedwig.cgi and
pigwidgeon.cgi. |
2015-11-18 |
6.8 |
CVE-2015-5999
BUGTRAQ
FULLDISC
MISC
CONFIRM |
ffmpeg -- ffmpeg |
The
decode_uncompressed function in
libavcodec/faxcompr.c in FFmpeg before 2.8.2
does not validate uncompressed runs, which
allows remote attackers to cause a denial of
service (out-of-bounds array access) or
possibly have unspecified other impact via
crafted CCITT FAX data. |
2015-11-16 |
6.8 |
CVE-2015-8218
CONFIRM |
gentoo -- libsndfile |
The
psf_fwrite function in file_io.c in
libsndfile allows attackers to cause a
denial of service (divide-by-zero error and
application crash) via unspecified vectors
related to the headindex variable. |
2015-11-19 |
5.0 |
CVE-2014-9756
CONFIRM
CONFIRM
MLIST
MLIST
SUSE |
gnome -- networkmanager |
GNOME
NetworkManager allows remote attackers to
cause a denial of service (IPv6 traffic
disruption) via a crafted MTU value in an
IPv6 Router Advertisement (RA) message, a
different vulnerability than CVE-2015-8215. |
2015-11-17 |
5.0 |
CVE-2015-0272
CONFIRM
BID
CONFIRM |
gnu -- gcc |
The
std::random_device class in libstdc++ in the
GNU Compiler Collection (aka GCC) before
4.9.4 does not properly handle short reads
from blocking sources, which makes it easier
for context-dependent attackers to predict
the random values via unspecified vectors. |
2015-11-17 |
5.0 |
CVE-2015-5276
CONFIRM
CONFIRM
SUSE |
horde -- groupware |
Multiple
cross-site request forgery (CSRF)
vulnerabilities in Horde before 5.2.8, Horde
Groupware before 5.2.11, and Horde Groupware
Webmail Edition before 5.2.11 allow remote
attackers to hijack the authentication of
administrators for requests that execute
arbitrary (1) commands via the cmd parameter
to admin/cmdshell.php, (2) SQL queries via
the sql parameter to admin/sqlshell.php, or
(3) PHP code via the php parameter to
admin/phpshell.php. |
2015-11-19 |
6.8 |
CVE-2015-7984
MISC
DEBIAN
MLIST
MLIST
MLIST |
huawei -- espace_firmware |
The
exception handling mechanism in the CLI
Module in Huawei eSpace U1910, U1911, U1930,
U1960, U1980, and U1981 unified gateways
with software before V100R001C20SPH605
allows remote attackers to cause a denial of
service (CLI outage) via crafted SSH
packets. |
2015-11-19 |
5.0 |
CVE-2015-7845
CONFIRM |
huawei -- ne_router_software |
Huawei
NE20E-S, NE40E-M, and NE40E-M2 routers with
software before V800R007C10SPC100 and NE40E
and NE80E routers with software before
V800R007C00SPC100 allows remote attackers to
send packets to other VPNs and conduct
flooding attacks via a crafted MPLS
forwarding packet, aka a "VPN routing and
forwarding (VRF) hopping vulnerability." |
2015-11-19 |
5.0 |
CVE-2015-8087
CONFIRM |
ibm -- datapower_gateway |
IBM
DataPower Gateway appliances with firmware
6.x before 6.0.0.17, 6.0.1.x before
6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x
before 7.1.0.7, and 7.2.x before 7.2.0.1 do
not set the secure flag for unspecified
cookies in an https session, which makes it
easier for remote attackers to capture these
cookies by intercepting their transmission
within an http session. |
2015-11-13 |
5.0 |
CVE-2015-7427
CONFIRM
AIXAPAR |
ipsilon_project -- ipsilon |
providers/saml2/admin.py
in the Identity Provider (IdP) server in
Ipsilon 0.1.0 before 1.0.1 does not properly
check permissions to update the SAML2
Service Provider (SP) owner, which allows
remote authenticated users to cause a denial
of service via a duplicate SP name. |
2015-11-17 |
4.0 |
CVE-2015-5217
CONFIRM
CONFIRM
CONFIRM
MLIST |
ipsilon_project -- ipsilon |
providers/saml2/admin.py
in the Identity Provider (IdP) server in
Ipsilon 0.1.0 before 1.0.2 and 1.1.x before
1.1.1 does not properly check permissions,
which allows remote authenticated users to
cause a denial of service by deleting a
SAML2 Service Provider (SP). |
2015-11-17 |
5.5 |
CVE-2015-5301
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST |
linux -- linux_kernel |
The
prepend_path function in fs/dcache.c in the
Linux kernel before 4.2.4 does not properly
handle rename actions inside a bind mount,
which allows local users to bypass an
intended container protection mechanism by
renaming a directory, related to a
"double-chroot attack." |
2015-11-16 |
6.9 |
CVE-2015-2925
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
MLIST
MLIST
CONFIRM
CONFIRM |
linux -- linux_kernel |
drivers/usb/serial/whiteheat.c
in the Linux kernel before 4.2.4 allows
physically proximate attackers to cause a
denial of service (NULL pointer dereference
and OOPS) or possibly have unspecified other
impact via a crafted USB device. |
2015-11-16 |
4.9 |
CVE-2015-5257
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM |
linux -- linux_kernel |
The
KVM subsystem in the Linux kernel through
4.2.6, and Xen 4.3.x through 4.6.x, allows
guest OS users to cause a denial of service
(host OS panic or hang) by triggering many
#AC (aka Alignment Check) exceptions,
related to svm.c and vmx.c. |
2015-11-16 |
4.9 |
CVE-2015-5307
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM |
linux -- linux_kernel |
Multiple
race conditions in the Advanced Union
Filesystem (aufs) aufs3-mmap.patch and
aufs4-mmap.patch patches for the Linux
kernel 3.x and 4.x allow local users to
cause a denial of service (use-after-free
and BUG) or possibly gain privileges via a
(1) madvise or (2) msync system call,
related to mm/madvise.c and mm/msync.c. |
2015-11-16 |
4.4 |
CVE-2015-7312
MLIST
MLIST |
linux -- linux_kernel |
The
KVM subsystem in the Linux kernel through
4.2.6, and Xen 4.3.x through 4.6.x, allows
guest OS users to cause a denial of service
(host OS panic or hang) by triggering many
#DB (aka Debug) exceptions, related to
svm.c. |
2015-11-16 |
4.7 |
CVE-2015-8104
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM |
linux -- linux_kernel |
net/ipv6/addrconf.c
in the IPv6 stack in the Linux kernel before
4.0 does not validate attempted changes to
the MTU value, which allows
context-dependent attackers to cause a
denial of service (packet loss) via a value
that is (1) smaller than the minimum
compliant value or (2) larger than the MTU
of an interface, as demonstrated by a Router
Advertisement (RA) message that is not
validated by a daemon, a different
vulnerability than CVE-2015-0272. NOTE: the
scope of CVE-2015-0272 is limited to the
NetworkManager product. |
2015-11-16 |
5.0 |
CVE-2015-8215
CONFIRM
MISC
CONFIRM
CONFIRM
CONFIRM |
newphoria_corporation --
applican |
Cross-site
scripting (XSS) vulnerability in the runtime
engine in the Newphoria applican framework
before 1.13.0 for Android and iOS allows
remote attackers to inject arbitrary web
script or HTML via a crafted SSID that is
encountered by an applican application, a
different vulnerability than CVE-2015-7772. |
2015-11-19 |
4.3 |
CVE-2015-7771
JVNDB
JVN
CONFIRM |
newphoria_corporation --
applican |
Cross-site
scripting (XSS) vulnerability in the runtime
engine in the Newphoria applican framework
before 1.13.0 for Android and iOS allows
remote attackers to inject arbitrary web
script or HTML via a crafted URL that
triggers WebView anchor attachment in an
applican application, a different
vulnerability than CVE-2015-7771. |
2015-11-19 |
4.3 |
CVE-2015-7772
JVNDB
JVN
CONFIRM |
open-xchange -- ox_guard |
Cross-site
scripting (XSS) vulnerability in
Open-Xchange OX Guard before 2.0.0-rev11
allows remote attackers to inject arbitrary
web script or HTML via the uid field in a
PGP public key, which is not properly
handled in "Guard PGP Settings." |
2015-11-19 |
4.3 |
CVE-2015-7385
CONFIRM
MISC |
pc-egg -- pwebmanager |
PC-EGG
pWebManager before 3.3.10, and before 2.2.2
for PHP 4.x, allows remote authenticated
users to execute arbitrary OS commands by
leveraging the editor role. |
2015-11-13 |
6.5 |
CVE-2015-7774
CONFIRM
JVNDB
JVN |
powerdns -- authoritative |
PowerDNS
(aka pdns) Authoritative Server 3.4.4 before
3.4.7 allows remote attackers to cause a
denial of service (assertion failure and
server crash) via crafted query packets. |
2015-11-17 |
5.0 |
CVE-2015-5311
CONFIRM
SECTRACK
MLIST |
strongswan -- strongswan |
The
server implementation of the EAP-MSCHAPv2
protocol in the eap-mschapv2 plugin in
strongSwan 4.2.12 through 5.x before 5.3.4
does not properly validate local state,
which allows remote attackers to bypass
authentication via an empty Success message
in response to an initial Challenge message. |
2015-11-18 |
5.0 |
CVE-2015-8023
CONFIRM
UBUNTU
DEBIAN |
tibco -- loglogic_unity |
The
Web Server component in TIBCO LogLogic Unity
before 1.1.1 allows remote authenticated
users to gain privileges, and consequently
obtain sensitive information, via an HTTP
request. |
2015-11-18 |
4.0 |
CVE-2015-8090
CONFIRM
CONFIRM |
uc_profile_project -- uc_profile |
The
UC Profile module 6.x-1.x before 6.x-1.3 for
Drupal does not properly check access to
profiles in certain circumstances, which
might allow remote attackers to obtain
sensitive information from the anonymous
user profile via unspecified vectors. |
2015-11-17 |
4.3 |
CVE-2015-8232
MISC
CONFIRM |
wireshark -- wireshark |
The
pcapng_read_if_descr_block function in
wiretap/pcapng.c in the pcapng parser in
Wireshark 1.12.x before 1.12.8 uses too many
levels of pointer indirection, which allows
remote attackers to cause a denial of
service (incorrect free and application
crash) via a crafted packet that triggers
interface-filter copying. |
2015-11-14 |
4.3 |
CVE-2015-7830
CONFIRM
CONFIRM
CONFIRM |
xen -- xen |
The
hypercall_create_continuation function in
arch/arm/domain.c in Xen 4.4.x through 4.6.x
allows local guest users to cause a denial
of service (host crash) via a preemptable
hypercall to the multicall interface. |
2015-11-17 |
4.9 |
CVE-2015-7812
CONFIRM
SECTRACK |
xmlsoft -- libxml2 |
libxml2
2.9.2 does not properly stop parsing invalid
input, which allows context-dependent
attackers to cause a denial of service
(out-of-bounds read and libxml2 crash) via
crafted XML data to the (1)
xmlParseEntityDecl or (2)
xmlParseConditionalSections function in
parser.c, as demonstrated by non-terminated
entities. |
2015-11-18 |
4.3 |
CVE-2015-7941
CONFIRM
CONFIRM
CONFIRM
UBUNTU
MLIST
MLIST |
xmlsoft -- libxml2 |
The
xmlParseConditionalSections function in
parser.c in libxml2 does not properly skip
intermediary entities when it stops parsing
invalid input, which allows
context-dependent attackers to cause a
denial of service (out-of-bounds read and
crash) via crafted XML data, a different
vulnerability than CVE-2015-7941. |
2015-11-18 |
6.8 |
CVE-2015-7942
CONFIRM
CONFIRM
UBUNTU
MLIST
MLIST |
xmlsoft -- libxslt |
The
xsltStylePreCompute function in preproc.c in
libxslt 1.1.28 does not check if the parent
node is an element, which allows attackers
to cause a denial of service via a crafted
XML file, related to a "type confusion"
issue. |
2015-11-17 |
5.0 |
CVE-2015-7995
CONFIRM
CONFIRM
BID
MLIST
MLIST |