- 원본기사확인하기: [US-CERT: Bulletin(SB14-125)] 2014년 5월 5일까지 발표된 보안 취약점
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| acunetix -- web_vulnerability_scanner | Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute). | 2014-04-27 | 10.0 | CVE-2014-2994 |
| adobe -- flash_player | Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014. | 2014-04-29 | 10.0 | CVE-2014-0515 |
| apache -- struts | ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. | 2014-04-29 | 7.5 | CVE-2014-0112 |
| apache -- struts | CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. | 2014-04-29 | 7.5 | CVE-2014-0113 |
| apache -- struts | The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method. | 2014-04-30 | 7.5 | CVE-2014-0114 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739. | 2014-05-02 | 7.1 | CVE-2014-2156 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733. | 2014-05-02 | 7.1 | CVE-2014-2157 |
| cisco -- telepresence_system_software | Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720. | 2014-05-02 | 7.8 | CVE-2014-2158 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722. | 2014-05-02 | 7.8 | CVE-2014-2159 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745. | 2014-05-02 | 7.8 | CVE-2014-2160 |
| cisco -- telepresence_system_software | The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731. | 2014-05-02 | 7.8 | CVE-2014-2161 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCud29566. | 2014-05-02 | 7.8 | CVE-2014-2162 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961. | 2014-05-02 | 7.8 | CVE-2014-2163 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCuj94651. | 2014-05-02 | 7.8 | CVE-2014-2164 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699. | 2014-05-02 | 7.8 | CVE-2014-2165 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562. | 2014-05-02 | 7.8 | CVE-2014-2166 |
| cisco -- telepresence_tc_software | The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua86589. | 2014-05-02 | 7.8 | CVE-2014-2167 |
| cisco -- telepresence_tc_software | Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804. | 2014-05-02 | 7.6 | CVE-2014-2168 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211. | 2014-05-02 | 9.0 | CVE-2014-2169 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202. | 2014-05-02 | 9.0 | CVE-2014-2170 |
| cisco -- telepresence_tc_software | Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796. | 2014-05-02 | 10.0 | CVE-2014-2171 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 do not properly restrict access to the serial port, which allows local users to gain privileges via unspecified commands, aka Bug ID CSCub67692. | 2014-05-02 | 7.2 | CVE-2014-2173 |
| cisco -- telepresence_tc_software | Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849. | 2014-05-02 | 7.8 | CVE-2014-2175 |
| citrix -- netscaler_access_gateway_firmware | Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors. | 2014-05-01 | 7.5 | CVE-2014-2881 |
| citrix -- netscaler_access_gateway_firmware | Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation. | 2014-05-01 | 7.5 | CVE-2014-2882 |
| debian -- dpkg | Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting." | 2014-04-30 | 9.3 | CVE-2014-0471 |
| fortinet -- fortiauthenticator | FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface. | 2014-04-30 | 9.0 | CVE-2013-6990 |
| fortinet -- fortiweb | CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | 2014-04-30 | 7.5 | CVE-2014-1956 |
| google -- android | Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications. | 2014-04-29 | 7.5 | CVE-2013-7373 |
| google -- chrome | Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. | 2014-04-26 | 7.8 | CVE-2014-1730 |
| google -- chrome | core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. | 2014-04-26 | 7.5 | CVE-2014-1731 |
| google -- chrome | Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. | 2014-04-26 | 7.5 | CVE-2014-1732 |
| google -- chrome | The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. | 2014-04-26 | 7.5 | CVE-2014-1733 |
| google -- chrome | Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2014-04-26 | 7.5 | CVE-2014-1734 |
| google -- chrome | Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 2014-04-26 | 7.5 | CVE-2014-1735 |
| igor_sysoev -- nginx | The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request. | 2014-04-29 | 7.5 | CVE-2014-0088 |
| livetecs -- timeline | Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors. | 2014-04-28 | 7.5 | CVE-2014-1217 |
| livetecs -- timeline | Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory in Uploads/. | 2014-04-28 | 7.5 | CVE-2014-2042 |
| microsoft -- internet_explorer | Unspecified vulnerability in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014. | 2014-04-27 | 7.5 | CVE-2014-1762 |
| microsoft -- internet_explorer | Use-after-free vulnerability in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1763 |
| microsoft -- internet_explorer | Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1764 |
| microsoft -- internet_explorer | Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 10.0 | CVE-2014-1765 |
| microsoft -- windows_8.1 | Unspecified vulnerability in the kernel in Microsoft Windows 8.1 allows local users to gain privileges via unknown vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. | 2014-04-27 | 7.2 | CVE-2014-1766 |
| microsoft -- internet_explorer | Use-after-free vulnerability in VGX.DLL in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2014. | 2014-04-27 | 10.0 | CVE-2014-1776 |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2014-04-30 | 10.0 | CVE-2014-1518 |
| mozilla -- firefox | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 2014-04-30 | 10.0 | CVE-2014-1519 |
| mozilla -- firefox | The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | 2014-04-30 | 10.0 | CVE-2014-1522 |
| mozilla -- firefox | The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | 2014-04-30 | 10.0 | CVE-2014-1524 |
| mozilla -- firefox | The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. | 2014-04-30 | 9.3 | CVE-2014-1525 |
| mozilla -- firefox | The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. | 2014-04-30 | 10.0 | CVE-2014-1528 |
| mozilla -- firefox | The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. | 2014-04-30 | 9.3 | CVE-2014-1529 |
| mozilla -- firefox | Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. | 2014-04-30 | 10.0 | CVE-2014-1531 |
| mozilla -- firefox | Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. | 2014-04-30 | 10.0 | CVE-2014-1532 |
| openstack -- neutron | The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied. | 2014-04-28 | 9.0 | CVE-2014-0187 |
| papercut -- papercut_mf | Unspecified vulnerability in the print release functionality in PaperCut MF 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs. | 2014-04-28 | 7.5 | CVE-2014-2657 |
| phusion -- juvia | Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies. | 2014-04-29 | 7.5 | CVE-2013-7134 |
| python -- pillow | Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py. | 2014-04-27 | 10.0 | CVE-2014-3007 |
| simplemachines -- simple_machines_forum | Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to impersonate arbitrary users via multiple space characters characters. | 2014-04-29 | 7.5 | CVE-2013-7235 |
| simplemachines -- simple_machines_forum | Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username. | 2014-04-29 | 7.5 | CVE-2013-7236 |
| super_project -- super | super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack. | 2014-04-30 | 7.2 | CVE-2014-0470 |
| unitrends -- enterprise_backup | Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php. | 2014-04-28 | 10.0 | CVE-2014-3008 |
| unitrends -- enterprise_backup | recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string. | 2014-05-02 | 7.5 | CVE-2014-3139 |
| wdc -- arkeia_virtual_appliance | Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin. | 2014-04-28 | 7.5 | CVE-2014-2846 |
| xcloner -- xcloner | Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to index2.php or (2) when the enable_db_backup and sql_mem options are enabled, access the database backup functionality via the dbbackup_comp parameter in the generate action to index2.php. NOTE: vector 2 might be a duplicate of CVE-2014-2340, which is for the XCloner Wordpress plugin. NOTE: remote attackers can leverage CVE-2014-2996 with vector 2 to execute arbitrary commands. | 2014-04-25 | 7.6 | CVE-2014-2579 |
| xcloner -- xcloner | XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_comp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have the privileges to execute code. NOTE: this can be leveraged by remote attackers using CVE-2014-2579. | 2014-04-25 | 7.1 | CVE-2014-2996 |
Medium Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| apache -- harmony | The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013. | 2014-04-29 | 5.0 | CVE-2013-7372 |
| basespace_ruby_sdk_project -- basespace_ruby_sdk | The put_call function in the API client (api/api_client.rb) in the BaseSpace Ruby SDK (aka bio-basespace-sdk) gem 0.1.7 for Ruby uses the API_KEY on the command line, which allows remote attackers to obtain sensitive information by listing the processes. | 2014-04-29 | 5.0 | CVE-2013-7111 |
| birebin -- birebin.com_app | The Birebin.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-04-25 | 6.4 | CVE-2014-2993 |
| bluecoat -- content_analysis_system_software | The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection." | 2014-04-30 | 6.5 | CVE-2014-2565 |
| canonical -- update-manager | DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. | 2014-04-27 | 6.4 | CVE-2011-3152 |
| canonical -- ubuntu_linux | The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypass the greeter screen restrictions by clicking the date. | 2014-05-01 | 4.6 | CVE-2013-7374 |
| cisco -- telepresence_tc_software | Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693. | 2014-05-02 | 6.6 | CVE-2014-2172 |
| cisco -- unified_contact_center_enterprise | The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133. | 2014-04-29 | 4.0 | CVE-2014-2180 |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay is configured, allows remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 packet, aka Bug ID CSCun45520. | 2014-04-29 | 6.1 | CVE-2014-2182 |
| cisco -- asr_1001_router | The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | 2014-04-29 | 6.3 | CVE-2014-2183 |
| cisco -- unified_communications_manager | The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352. | 2014-04-29 | 5.0 | CVE-2014-2184 |
| cisco -- unified_communications_manager | The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374. | 2014-04-29 | 4.0 | CVE-2014-2185 |
| cisco -- webex_meetings_server | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777. | 2014-04-30 | 6.8 | CVE-2014-2186 |
| coreftp -- core_ftp | Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL command with malformed data, as demonstrated by pressing the enter key twice. | 2014-05-01 | 4.3 | CVE-2014-1441 |
| coreftp -- core_ftp | Directory traversal vulnerability in Core FTP Server 1.2 before build 515 allows remote authenticated users to determine the existence of arbitrary files via a /../ sequence in an XCRC command. | 2014-05-01 | 4.0 | CVE-2014-1442 |
| coreftp -- core_ftp | Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read. | 2014-05-01 | 4.0 | CVE-2014-1443 |
| cybozu -- garoon | Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls. | 2014-05-02 | 6.0 | CVE-2014-1989 |
| dompdf -- dompdf | dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter. | 2014-04-28 | 4.3 | CVE-2014-2383 |
| ecava -- integraxor | Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role. | 2014-04-30 | 5.0 | CVE-2014-0786 |
| emc -- rsa_access_manager | The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files. | 2014-05-01 | 6.9 | CVE-2014-0646 |
| entity_reference_project -- entityreference | The Entity reference module 7.x-1.x before 7.x-1.1-rc1 for Drupal allows remote attackers to read private nodes titles by leveraging edit permissions to a node that references a private node. | 2014-04-29 | 4.3 | CVE-2013-7066 |
| fortinet -- fortiweb | Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-04-30 | 4.3 | CVE-2014-1955 |
| fortinet -- fortiweb | FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | 2014-04-30 | 6.5 | CVE-2014-1957 |
| gnome -- gnome-shell | js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation with the keyboard focus on the Activities search. | 2014-04-29 | 4.6 | CVE-2013-7220 |
| gnome -- gnome-shell | The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation. | 2014-04-29 | 4.6 | CVE-2013-7221 |
| gnustep -- base | Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request. | 2014-04-28 | 4.3 | CVE-2014-2980 |
| ibm -- websphere_application_server | IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote attackers to read arbitrary files via a crafted URL. | 2014-05-01 | 4.3 | CVE-2014-0823 |
| ibm -- websphere_application_server | The Administrative Console in IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request. | 2014-05-01 | 4.0 | CVE-2014-0857 |
| ibm -- websphere_application_server | The web-server plugin in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, when POST retries are enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 2014-05-01 | 5.0 | CVE-2014-0859 |
| ibm -- websphere_application_server | IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information via a crafted request. | 2014-05-01 | 4.3 | CVE-2014-0896 |
| igniterealtime -- smack | The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and nameConstraints in X.509 certificate chains from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate chain. | 2014-04-30 | 5.8 | CVE-2014-0363 |
| igniterealtime -- smack | The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ stanza, which allows remote attackers to spoof IQ responses via a crafted attribute. | 2014-04-30 | 5.0 | CVE-2014-0364 |
| invitation_project -- invitation | The Invitation module 7.x-2.x for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified default views. | 2014-04-29 | 5.0 | CVE-2013-7063 |
| joachim_noreiko -- flag_module | Cross-site scripting (XSS) vulnerability in the admin page in the Flag module 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "Administer flags" permission to inject arbitrary web script or HTML via the flag name. | 2014-04-27 | 4.3 | CVE-2013-4336 |
| linux -- linux_kernel | Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump. | 2014-04-26 | 4.6 | CVE-2014-2889 |
| litech -- router_advertisement_daemon | Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files. | 2014-04-27 | 6.4 | CVE-2011-3602 |
| litech -- router_advertisement_daemon | The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact. | 2014-04-27 | 4.4 | CVE-2011-3603 |
| malcolm_nooning -- pirpc | The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized. | 2014-04-29 | 6.8 | CVE-2013-7284 |
| mediawiki -- mediawiki | Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action. | 2014-04-29 | 4.3 | CVE-2014-2853 |
| misli -- misli.com_app | The Misli.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2014-04-25 | 6.4 | CVE-2014-2992 |
| mozilla -- firefox | maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process. | 2014-04-30 | 6.9 | CVE-2014-1520 |
| mozilla -- firefox | Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | 2014-04-30 | 4.3 | CVE-2014-1523 |
| mozilla -- firefox | The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. | 2014-04-30 | 5.8 | CVE-2014-1526 |
| mozilla -- firefox | Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen. | 2014-04-30 | 5.0 | CVE-2014-1527 |
| mozilla -- firefox | The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. | 2014-04-30 | 4.3 | CVE-2014-1530 |
| neo4j -- neo4j | Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J 1.9.2 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary code, as demonstrated by a request to (1) db/data/ext/GremlinPlugin/graphdb/execute_script or (2) db/manage/server/console/. | 2014-04-29 | 4.3 | CVE-2013-7259 |
| net-snmp -- net-snmp | The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl. | 2014-04-27 | 4.3 | CVE-2014-2285 |
| openjpeg -- openjpeg | OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read. | 2014-04-27 | 5.0 | CVE-2013-6053 |
| openjpeg -- openjpeg | OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors. | 2014-04-27 | 6.4 | CVE-2013-6887 |
| openstack -- icehouse | The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location. | 2014-04-27 | 6.0 | CVE-2014-0162 |
| organic_groups_project -- organic_groups | The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to bypass access restriction and post to arbitrary groups via a group audience field, as demonstrated by the og_group_ref field. | 2014-04-29 | 5.8 | CVE-2013-7065 |
| organic_groups_project -- organic_groups | The Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users to bypass group restrictions on nodes with all groups set to optional input via an empty group field. | 2014-04-29 | 4.9 | CVE-2013-7068 |
| papercut -- papercut_mf | Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors. | 2014-04-28 | 5.0 | CVE-2014-2658 |
| php-fusion -- php-fusion | Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitrary web script or HTML via the (2) user_list or (3) user_types parameter to messages.php; (4) message parameter to infusions/shoutbox_panel/shoutbox_admin.php; (5) message parameter to administration/news.php; (6) panel_list parameter to administration/panel_editor.php; (7) HTTP User Agent string to administration/phpinfo.php; (8) "__BBCODE__" parameter to administration/bbcodes.php; errorMessage parameter to (9) article_cats.php, (10) download_cats.php, (11) news_cats.php, or (12) weblink_cats.php in administration/, when error is 3; or (13) body or (14) body2 parameter to administration/articles.php. | 2014-04-29 | 4.3 | CVE-2013-1804 |
| php-fusion -- php-fusion | Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php. | 2014-04-30 | 6.5 | CVE-2013-1806 |
| php-fusion -- php-fusion | PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/db_backups/. | 2014-04-30 | 5.0 | CVE-2013-1807 |
| pocoproject -- poco_c++_libraries | The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate. | 2014-04-25 | 6.4 | CVE-2014-0350 |
| redhat -- enterprise_mrg | Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | 2014-04-30 | 5.0 | CVE-2013-6445 |
| sap -- netweaver_software_lifecycle_manager | The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1. | 2014-04-30 | 5.0 | CVE-2014-3129 |
| sap -- netweaver_abap_application_server | The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages. | 2014-04-30 | 4.6 | CVE-2014-3130 |
| sap -- profile_maintenance | SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1. | 2014-04-30 | 4.0 | CVE-2014-3131 |
| sap -- background_processing | SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1. | 2014-04-30 | 4.0 | CVE-2014-3132 |
| sap -- netweaver_java_application_server | SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection. | 2014-04-30 | 5.0 | CVE-2014-3133 |
| sap -- businessobjects | Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-04-30 | 4.3 | CVE-2014-3134 |
| simplemachines -- simple_machines_forum | Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header. | 2014-04-29 | 4.3 | CVE-2013-7234 |
| southrivertech -- titan_ftp_server | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. | 2014-04-29 | 5.0 | CVE-2014-1841 |
| southrivertech -- titan_ftp_server | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. | 2014-04-29 | 5.0 | CVE-2014-1842 |
| southrivertech -- titan_ftp_server | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. | 2014-04-29 | 5.0 | CVE-2014-1843 |
| tibco -- managed_file_transfer_command_center | TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request. | 2014-04-30 | 5.0 | CVE-2014-2545 |
| transifex -- transifex | Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. | 2014-05-01 | 4.3 | CVE-2013-2073 |
| transifex -- transifex | Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-2073. | 2014-05-01 | 4.3 | CVE-2013-7110 |
| ubercart -- ubercart | Session fixation vulnerability in the Ubercart module 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote attackers to hijack web sessions by leveraging knowledge of the original session ID. | 2014-04-29 | 6.8 | CVE-2013-7302 |
| vbulletin -- vbulletin | Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to privatemessage/new/, (2) the folderid parameter to a private message in privatemessage/view, (3) a fragment indicator to /help, or (4) the view parameter to a topic, as demonstrated by a request to forum/anunturi-importante/rst-power/67030-rst-admin-restore. | 2014-04-30 | 4.3 | CVE-2014-3135 |
| videowhisper -- videowhisper | Multiple cross-site scripting (XSS) vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML via the (1) module or (2) message parameter to index.php. | 2014-04-28 | 4.3 | CVE-2014-2715 |
| xen -- xen | The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denial of service (NULL pointer dereference and host crash) via unspecified vectors. | 2014-04-28 | 5.5 | CVE-2014-2986 |
| xerox -- docushare | SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATH_INFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of these details are obtained from third party information. | 2014-05-01 | 6.5 | CVE-2014-3138 |
| zarafa -- zarafa | The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username." | 2014-04-28 | 5.0 | CVE-2014-0037 |
| zarafa -- zarafa | The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the password." | 2014-04-28 | 5.0 | CVE-2014-0079 |
| zlib -- pigz | Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring. | 2014-04-27 | 4.4 | CVE-2013-0296 |
Low Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ajenti -- ajenti | Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality. | 2014-04-30 | 3.5 | CVE-2014-2260 |
| blender -- blender | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103. | 2014-04-27 | 3.3 | CVE-2010-5105 |
| cybozu -- garoon | The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors. | 2014-05-02 | 3.5 | CVE-2014-1988 |
| dkorunic -- pam_s/key | A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory. | 2014-04-28 | 2.1 | CVE-2013-4285 |
| freelance-it-consultant -- eu_cookie_compliance | Cross-site scripting (XSS) vulnerability in the EU Cookie Compliance module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated administrators with the "Administer EU Cookie Compliance popup" permission to inject arbitrary web script or HTML via unspecified configuration values. | 2014-04-29 | 2.1 | CVE-2013-7064 |
| gnome -- gnome_display_manager | GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name. | 2014-04-29 | 2.1 | CVE-2013-7273 |
| ibm -- websphere_application_server | Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtual Enterprise 7.x before 7.0.0.5, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 2014-05-01 | 3.5 | CVE-2013-6323 |
| ibm -- tivoli_netcool/omnibus | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942. | 2014-05-01 | 3.5 | CVE-2014-0941 |
| ibm -- tivoli_netcool/omnibus | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941. | 2014-05-01 | 3.5 | CVE-2014-0942 |
| linux -- linux_kernel | The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program. | 2014-04-26 | 2.1 | CVE-2014-0181 |
- 원본기사확인하기: [US-CERT: Bulletin(SB14-125)] 2014년 5월 5일까지 발표된 보안 취약점
'IT 와 Social 이야기 > Security' 카테고리의 다른 글
| [IBM Security Systems] 4 Undeniable Truths about Advanced Threat Protection (0) | 2014.05.08 |
|---|---|
| [Benild Joseph] Information Security (0) | 2014.05.07 |
| [DB진흥원 무료 보안 세미나] 기업에서의 선제적 데이터 보안 전략 (0) | 2014.05.07 |
| [AfiqEfendy Zaen] OS & Database Security (0) | 2014.05.07 |
| [greensql] Database Security as easy as ABC (0) | 2014.05.07 |
