The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by their research department for the Week of August 11, 2014.
The National Institute of Standards and Technology (NIST) have recorded vulnerabilities, which are security weakness found in a program or operating system that can make a system susceptible to malware attacks.
Common vulnerabilities and their impact recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week are:
- Vulnerabilities in Adobe Flash Player before 188.8.131.52 and 14.x before 184.108.40.206 on Windows and OS X and before 220.127.116.110 on Linux do not completely restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. Find out the vulnerable versions of in Adobe Flash Player from here: http://goo.gl/3i9kHm
- Vulnerabilities in the EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service. Find out other vulnerable versions from here: http://goo.gl/x3tB1r
- SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows hackers to execute arbitrary SQL commands via the id parameter. Find out other vulnerable versions from here: http://goo.gl/LrjeHA
- Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow cyber-criminals to cause a denial of service attack or possibly have other impact via unknown vectors. Find out the vulnerable versions of Google Chrome from here: http://goo.gl/FL9mti
- Vulnerabilities in Microsoft Internet Explorer 6 through 11 allow hackers to execute arbitrary code or cause a denial of service (memory corruption vulnerability) via a crafted website. Find out the vulnerable versions of Microsoft Internet Explorer from here: http://goo.gl/s1PgDE
There are many such vulnerable software ranked in the division of high, medium, and low severities.
To know more about these vulnerable software and the affected versions read the US-CERT Cyber Security Bulletin from here: http://goo.gl/pCs4AZ