CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-5385 287 2014-08-21 2014-08-22
5.0
None Remote Low Not required None Partial None
com/salesmanager/central/profile/ProfileAction.java in Shopizer 1.1.5 and earlier does not restrict the number of authentication attempts, which makes it easier for remote attackers to guess passwords via a brute force attack.
2 CVE-2014-5384 119 DoS Overflow 2014-08-21 2014-08-21
5.0
None Remote Low Not required None None Partial
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types.
3 CVE-2014-5368 22 Dir. Trav. 2014-08-22 2014-08-27
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.
4 CVE-2014-5350 22 Dir. Trav. 2014-08-19 2014-08-20
5.0
None Remote Low Not required Partial None None
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot) in the default URI to port 7074 on the Update Server.
5 CVE-2014-5349 119 1 DoS Overflow 2014-08-19 2014-08-20
5.0
None Remote Low Not required None None Partial
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.
6 CVE-2014-5266 399 DoS 2014-08-18 2014-08-28
5.0
None Remote Low Not required None None Partial
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265.
7 CVE-2014-5265 399 DoS 2014-08-18 2014-08-28
5.0
None Remote Low Not required None None Partial
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
8 CVE-2014-5187 22 Dir. Trav. 2014-08-06 2014-08-07
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php.
9 CVE-2014-5181 22 Dir. Trav. 2014-08-06 2014-08-07
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter.
10 CVE-2014-5173 264 Bypass 2014-07-31 2014-08-01
5.0
None Remote Low Not required Partial None None
SAP HANA Extend Application Services (XS) allows remote attackers to bypass access restrictions via a request to a private IU5 SDK application that was once public.
11 CVE-2014-5165 119 DoS Overflow 2014-08-01 2014-08-01
5.0
None Remote Low Not required None None Partial
The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
12 CVE-2014-5164 119 DoS Overflow 2014-08-01 2014-08-01
5.0
None Remote Low Not required None None Partial
The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
13 CVE-2014-5163 119 DoS Overflow 2014-08-01 2014-08-01
5.0
None Remote Low Not required None None Partial
The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
14 CVE-2014-5162 119 DoS Overflow 2014-08-01 2014-08-01
5.0
None Remote Low Not required None None Partial
The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.
15 CVE-2014-5161 119 DoS Overflow 2014-08-01 2014-08-01
5.0
None Remote Low Not required None None Partial
The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.
16 CVE-2014-5122 2014-08-22 2014-08-27
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, related to login.
17 CVE-2014-5117 2014-07-30 2014-08-04
5.8
None Remote Medium Not required Partial Partial None
Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service names.
18 CVE-2014-5116 1 DoS 2014-07-29 2014-07-30
5.0
None Remote Low Not required None None Partial
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
19 CVE-2014-5115 22 1 Dir. Trav. 2014-07-29 2014-08-27
5.0
None Remote Low Not required Partial None None
Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php.
20 CVE-2014-5111 22 Dir. Trav. 2014-07-28 2014-07-29
5.0
None Remote Low Not required Partial None None
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
21 CVE-2014-5107 200 +Info 2014-07-28 2014-07-29
5.0
None Remote Low Not required Partial None None
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to (1) system/basics/editor.php, (2) system/view.php, (3) system/environment/file_storage_locations.php, (4) system/mail/importers.php, (5) system/mail/method.php, (6) system/permissions/file_types.php, (7) system/permissions/files.php, (8) system/permissions/tasks.php, (9) system/permissions/users.php, (10) system/seo/view.php, (11) view.php, (12) users/attributes.php, (13) scrapbook/view.php, (14) pages/attributes.php, (15) files/attributes.php, or (16) files/search.php in single_pages/dashboard/.
22 CVE-2014-5077 DoS 2014-08-01 2014-08-01
5.4
None Remote High Not required None None Complete
The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction.
23 CVE-2014-5031 264 +Info 2014-07-29 2014-07-30
5.0
None Remote Low Not required Partial None None
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
24 CVE-2014-5019 20 DoS 2014-07-22 2014-07-22
5.0
None Remote Low Not required None None Partial
The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use.
25 CVE-2014-5015 264 Bypass 2014-07-24 2014-07-25
5.0
None Remote Low Not required Partial None None
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.
26 CVE-2014-4980 200 +Info 2014-07-23 2014-07-24
5.0
None Remote Low Not required Partial None None
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
27 CVE-2014-4976 264 2014-07-16 2014-07-16
5.5
None Remote Low Single system None Partial Partial
Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change the change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.
28 CVE-2014-4942 200 +Info 2014-07-11 2014-07-14
5.0
None Remote Low Not required Partial None None
The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
29 CVE-2014-4941 22 Dir. Trav. 2014-07-11 2014-07-14
5.0
None Remote Low Not required Partial None None
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
30 CVE-2014-4940 22 Dir. Trav. 2014-07-11 2014-07-14
5.0
None Remote Low Not required Partial None None
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
31 CVE-2014-4937 22 Dir. Trav. 2014-07-11 2014-07-14
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
32 CVE-2014-4911 310 DoS 2014-07-22 2014-08-01
5.0
None Remote Low Not required None None Partial
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.
33 CVE-2014-4851 2014-07-10 2014-07-10
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter.
34 CVE-2014-4775 255 +Info 2014-08-17 2014-08-18
5.0
None Remote Low Not required Partial None None
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
35 CVE-2014-4760 2014-08-12 2014-08-12
5.8
None Remote Medium Not required Partial Partial None
Open redirect vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 before 8.0.0.1 CF13, and 8.5.0 before CF01 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
36 CVE-2014-4746 200 +Info 2014-08-12 2014-08-12
5.0
None Remote Low Not required Partial None None
IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests.
37 CVE-2014-4720 DoS 2014-07-06 2014-07-07
5.0
None Remote Low Not required None None Partial
Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.
38 CVE-2014-4715 189 DoS Overflow Mem. Corr. 2014-07-03 2014-07-17
5.0
None Remote Low Not required None None Partial
Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run, a different vulnerability than CVE-2014-4611.
39 CVE-2014-4696 2014-07-02 2014-07-02
5.8
None Remote Medium Not required Partial Partial None
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.
40 CVE-2014-4695 2014-07-02 2014-07-02
5.8
None Remote Medium Not required Partial Partial None
Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php.
41 CVE-2014-4690 22 Dir. Trav. 2014-07-02 2014-07-02
5.0
None Remote Low Not required Partial None None
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
42 CVE-2014-4689 22 Dir. Trav. 2014-07-02 2014-07-02
5.0
None Remote Low Not required Partial None None
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
43 CVE-2014-4682 200 +Info 2014-07-24 2014-07-25
5.0
None Remote Low Not required Partial None None
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request.
44 CVE-2014-4667 20 DoS 2014-07-03 2014-07-17
5.0
None Remote Low Not required None None Partial
The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.
45 CVE-2014-4643 119 1 DoS Exec Code Overflow 2014-06-25 2014-06-26
5.0
None Remote Low Not required None None Partial
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in a reply to a (1) USER, (2) PASS, (3) PASV, (4) SYST, (5) PWD, or (6) CDUP command.
46 CVE-2014-4617 20 DoS 2014-06-25 2014-08-01
5.0
None Remote Low Not required None None Partial
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
47 CVE-2014-4615 200 +Info 2014-08-19 2014-08-20
5.0
None Remote Low Not required Partial None None
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request).
48 CVE-2014-4611 20 DoS Overflow Mem. Corr. 2014-07-03 2014-08-01
5.0
None Remote Low Not required None None Partial
Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715.
49 CVE-2014-4608 119 DoS Overflow Mem. Corr. 2014-07-03 2014-08-01
5.0
None Remote Low Not required None None Partial
** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says "the Linux kernel is *not* affected; media hype."
50 CVE-2014-4347 200 +Info 2014-07-16 2014-08-01
5.0
None Remote Low Not required Partial None None
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.