| Vendor — Product | Description | Published | CVSS Score | CVE ID |
|---|---|---|---|---|
| apache — cxf | Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (memory consumption) via a large request with the Content-Type set to text/html to a SOAP endpoint, which triggers an error. | 2014-05-08 | 4.3 | CVE-2014-0109 |
| apache — cxf | Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message. | 2014-05-08 | 4.3 | CVE-2014-0110 |
| apache — struts | CookieInterceptor in Apache Struts 2.x before 2.3.16.3, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to “manipulate” the ClassLoader and modify session state via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0113. | 2014-05-08 | 5.8 | CVE-2014-0116 |
| ayatana_project — unity | Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash. | 2014-05-06 | 4.4 | CVE-2014-3202 |
| ayatana_project — unity | Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key before the screen auto-locks. | 2014-05-06 | 4.4 | CVE-2014-3203 |
| ayatana_project — unity | Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and then pressing the ALT and F2 keys. | 2014-05-06 | 4.4 | CVE-2014-3204 |
| bestpractical — request_tracker | Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the name of an attached file. | 2014-05-05 | 4.3 | CVE-2013-3736 |
| bradesco_gateway_plugin_project — bradesco_gateway | Cross-site scripting (XSS) vulnerability in falha.php in the Bradesco Gateway plugin 2.0 for WordPress, as used in the WP e-Commerce plugin, allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING. | 2014-05-08 | 4.3 | CVE-2013-5916 |
| cisco — nexus_7000 | Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. | 2014-05-07 | 4.6 | CVE-2014-0684 |
| cisco — cisco_nexus_1000v_intercloud | Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691. | 2014-05-07 | 5.0 | CVE-2014-0685 |
| cisco — adaptive_security_appliance_software | Cisco Adaptive Security Appliance (ASA) Software allows remote authenticated users to read files by sending a crafted URL to the HTTP server, as demonstrated by reading the running configuration, aka Bug ID CSCun78551. | 2014-05-07 | 6.8 | CVE-2014-2181 |
| cisco — broadband_access_center_telco_wireless_software | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Broadband Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389. | 2014-05-07 | 6.8 | CVE-2014-2190 |
| cisco — broadband_access_center_telco_wireless_software | Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadband Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113. | 2014-05-07 | 4.3 | CVE-2014-2191 |
| citrix — netscaler_access_gateway | Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-05-02 | 4.3 | CVE-2014-1899 |
| cristian_gafton — pam_userdb | The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack. | 2014-05-08 | 4.3 | CVE-2013-7041 |
| david_leonard — pktstat | tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on /tmp/smtp.log. | 2014-05-05 | 6.3 | CVE-2013-0350 |
| debian — xbuffy | Stack-based buffer overflow in a certain Debian patch for xbuffy before 3.3.bl.3.dfsg-9 allows remote attackers to execute arbitrary code via the subject of an email, possibly related to indent subject lines. | 2014-05-05 | 6.8 | CVE-2014-0469 |
| debian — strongswan | strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. | 2014-05-07 | 5.0 | CVE-2014-2891 |
| digia — qt | The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image. | 2014-05-08 | 4.3 | CVE-2014-0190 |
| fishshell — fish | fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions. | 2014-05-02 | 6.9 | CVE-2014-2905 |
| fortinet — fortiweb | Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via unspecified vectors. | 2014-05-08 | 6.8 | CVE-2014-3115 |
| freebsd — freebsd | The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jailed device node process. | 2014-05-02 | 5.8 | CVE-2014-3001 |
| gnu — rush | GNU Rush 1.7 does not properly drop privileges, which allows local users to read arbitrary files via the `--lint` option. | 2014-05-08 | 4.9 | CVE-2013-6889 |
| google — search_appliance_software | Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element. | 2014-05-08 | 4.3 | CVE-2014-0362 |
| hp — oneview | Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors. | 2014-05-08 | 6.5 | CVE-2014-2602 |
| ibm — websphere_mq | inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before 7.5.0.4 allows remote attackers to cause a denial of service (disk or CPU consumption) via unspecified vectors. | 2014-05-07 | 4.3 | CVE-2014-0911 |
| ibm — lotus_domino | Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE. | 2014-05-08 | 4.3 | CVE-2014-0913 |
| ibm — aix | The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. | 2014-05-08 | 4.7 | CVE-2014-0930 |
| ibm — operational_decision_manager | Cross-site request forgery (CSRF) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 2014-05-09 | 6.0 | CVE-2014-0944 |
| ibm — operational_decision_manager | The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation. | 2014-05-09 | 4.3 | CVE-2014-0946 |
| intra-mart — webplatform/appframework | Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 2014-05-09 | 5.8 | CVE-2014-1991 |
| isc — bind | The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes. | 2014-05-08 | 5.0 | CVE-2014-3214 |
| libpng — libpng | Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | 2014-05-06 | 5.0 | CVE-2013-7353 |
| libpng — libpng | Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | 2014-05-06 | 5.0 | CVE-2013-7354 |
| linux — linux_kernel | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. | 2014-05-07 | 6.9 | CVE-2014-0196 |
| livezilla — livezilla | Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) full name field, (2) company field, or (3) filename to chat.php. | 2014-05-05 | 4.3 | CVE-2013-7003 |
| nagios — plugins | The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping. | 2014-05-05 | 4.4 | CVE-2013-4215 |
| netty_project — netty | WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames. | 2014-05-06 | 5.0 | CVE-2014-0193 |
| openssl — openssl | The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. | 2014-05-06 | 4.3 | CVE-2014-0198 |
| phplist — phplist | Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a request to admin/. | 2014-05-05 | 6.8 | CVE-2014-2916 |
| plone — plone | Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope. | 2014-05-02 | 5.0 | CVE-2013-7060 |
| plone — plone | Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. | 2014-05-02 | 4.0 | CVE-2013-7061 |
| pywbem_project — pywbem | PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate. | 2014-05-05 | 5.8 | CVE-2013-6418 |
| pywbem_project — pywbem | PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 2014-05-05 | 5.8 | CVE-2013-6444 |
| qemu — qemu | hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information. | 2014-05-08 | 4.9 | CVE-2013-4544 |
| randall_hand — yerase’s_tnef_stream_reader | Off-by-one error in the DecompressRTF function in ytnef.c in Yerase’s TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow. | 2014-05-05 | 4.3 | CVE-2010-5109 |
| redhat — jboss_web_framework_kit | Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name. | 2014-05-05 | 4.3 | CVE-2014-0149 |
| redhat — policycoreutils | seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges. | 2014-05-08 | 6.9 | CVE-2014-3215 |
| rubyonrails — ruby_on_rails | Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request. | 2014-05-07 | 4.3 | CVE-2014-0130 |
| semantictitle_project — semantictitle | Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2014-05-08 | 4.3 | CVE-2014-2854 |
| sitepark — information_enterprise_server | Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account password and obtain sensitive information via a request to install/. | 2014-05-02 | 6.8 | CVE-2014-3006 |
| sks_keyserver_project — sks_keyserver | Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1. | 2014-05-08 | 4.3 | CVE-2014-3207 |
| skyphe — file-gallery | The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a `\'` (backslash quote) in the setting fields to /wp-admin/options-media.php, related to the create_function function. | 2014-05-06 | 6.5 | CVE-2014-2558 |
| slashes&dots — offria | Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to installer/index.php. | 2014-05-08 | 4.3 | CVE-2014-2689 |
| theforeman — foreman | Foreman before 1.1 uses a salt of “foreman” to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. | 2014-05-08 | 5.0 | CVE-2013-0173 |
| theforeman — foreman | The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request. | 2014-05-08 | 5.0 | CVE-2013-0174 |
| theforeman — foreman | Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request. | 2014-05-08 | 6.5 | CVE-2013-0187 |
| theforeman — foreman | Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. | 2014-05-08 | 6.8 | CVE-2014-0090 |
| theforeman — foreman | Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to “spoof.” | 2014-05-08 | 5.0 | CVE-2014-0192 |
| xen — xen | The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. | 2014-05-07 | 6.7 | CVE-2014-3124 |
| xen — xen | Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash) via unspecified vectors. | 2014-05-02 | 6.2 | CVE-2014-3125 |
| zabbix — zabbix | The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request. | 2014-05-08 | 4.0 | CVE-2014-1682 |
| zabbix — zabbix | The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote “Zabbix Admin” users to modify the media of arbitrary users via unspecified vectors. | 2014-05-08 | 5.5 | CVE-2014-1685 |